

Rewterz Threat Advisory – Fortinet FortiOS, FortiProxy and FortiSwitchManager Vulnerabilities
June 13, 2023
Rewterz Threat Alert – DarkCrystal RAT (DCRat) – Active IOCs
June 13, 2023
Severity
High
Analysis Summary
CVE-2023-34212 CVSS:8.8
Apache NiFi could allow a remote authenticated attacker to execute arbitrary code on the system, caused by unsafe deserialization in the JndiJmsConnectionFactoryProvider Controller Service. By sending a specially crafted request, an attacker could exploit this vulnerability to execute arbitrary code on the system.
CVE-2023-34468 CVSS:8.8
Apache NiFi could allow a remote authenticated attacker to execute arbitrary code on the system, caused by a flaw in the DBCPConnectionPool and HikariCPConnectionPool Controller Services when using H2. By sending a specially crafted request, an attacker could exploit this vulnerability to execute arbitrary code on the system.
Impact
- Code Execution
Indicators Of Compromise
CVE
- CVE-2023-34212
- CVE-2023-34468
Affected Vendors
Apache
Affected Products
- Apache NiFi 0.0.2
- Apache NiFi 1.21.0
- Apache NiFi 1.8.0
Remediation
Upgrade to the latest version of Apache NiFi, available from the Apache Website.
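
To prioritise the upgrade, operators can inventory which flows use the Controller Services named in this advisory. The script below is an added example, not part of the original advisory or of Apache NiFi. It assumes an uncompressed JSON flow definition in which each controller service is an object with `name`, `type` and `properties` keys; the sample flow and its names are constructed.

```python
import json

# Controller Services named in the advisory, matched on the class-name suffix.
JNDI_SERVICE = "JndiJmsConnectionFactoryProvider"
POOL_SERVICES = ("DBCPConnectionPool", "HikariCPConnectionPool")

# Constructed sample flow (assumed layout; not taken from a real deployment).
SAMPLE_FLOW = json.loads("""
{"rootGroup": {"name": "root",
  "controllerServices": [
    {"name": "jms-lookup", "type": "org.apache.nifi.jms.cf.JndiJmsConnectionFactoryProvider",
     "properties": {"connection.factory.name": "ConnectionFactory"}},
    {"name": "orders-db", "type": "org.apache.nifi.dbcp.DBCPConnectionPool",
     "properties": {"Database Connection URL": "jdbc:postgresql://db.example.internal/orders"}}],
  "processGroups": [{"name": "staging", "controllerServices": [
    {"name": "scratch-db", "type": "org.apache.nifi.dbcp.HikariCPConnectionPool",
     "properties": {"Database Connection URL": "jdbc:h2:mem:scratch"}}]}]}}
""")


def audit_flow(node, findings=None):
    """Walk a parsed flow definition; return (name, service, CVE) tuples to review."""
    if findings is None:
        findings = []
    if isinstance(node, dict):
        svc_type, props = node.get("type"), node.get("properties")
        if isinstance(svc_type, str):
            short = svc_type.rsplit(".", 1)[-1]
            name = node.get("name", "<unnamed>")
            # A pool is only relevant to CVE-2023-34468 when it points at H2.
            uses_h2 = any(
                isinstance(v, str) and v.strip().lower().startswith("jdbc:h2:")
                for v in (props.values() if isinstance(props, dict) else ()))
            if short == JNDI_SERVICE:
                findings.append((name, short, "CVE-2023-34212"))
            elif short in POOL_SERVICES and uses_h2:
                findings.append((name, short, "CVE-2023-34468"))
        for value in node.values():
            audit_flow(value, findings)
    elif isinstance(node, list):
        for item in node:
            audit_flow(item, findings)
    return findings


if __name__ == "__main__":
    for name, service, cve in audit_flow(SAMPLE_FLOW):
        print(f"review: {name} ({service}) relates to {cve}")
```

A service listed here marks a flow where the affected component is configured; it does not show that the instance was exploited.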