Rewterz Threat Advisory – Multiple IBM Navigator for i Vulnerabilities

December 26, 2022

Rewterz Threat Advisory – CVE-2022-46771 – IBM UrbanCode Deploy (UCD) Vulnerability

December 26, 2022

Rewterz Threat Advisory – Multiple IBM Financial Transaction Manager Vulnerabilities

December 26, 2022

Severity

Medium

Analysis Summary

CVE-2022-43875 CVSS:6.2

IBM Financial Transaction Manager for SWIFT Services for Multiplatforms 3.2.4 could allow an authenticated user to lock additional RM authorizations, resulting in a denial of service on displaying or managing these authorizations.

CVE-2022-43872 CVSS:5.3

IBM Financial Transaction Manager 3.2.4 authorization checks are done incorrectly for some HTTP requests which allows getting unauthorized technical information (e.g. event log entries) about the FTM SWIFT system.

Impact

Denial of Service
Information Disclosure

Indicators Of Compromise

CVE

CVE-2022-43875
CVE-2022-43872

Affected Vendors

IBM

Affected Products

IBM Financial Transaction Manager 3.2.4

Remediation

Refer to IBM Security Advisory for patch, upgrade or suggested workaround information.

IBM Security Advisory

Rewterz Annual Threat Intelligence Report 2024 - Download Now

Rewterz Annual Threat Intelligence Report 2024 - Download Now

Platform

Managed Security Services

Managed Penetration Testing

Assess

Transform

Train

Respond

Resources

North Korea-Linked Konni APT Group – Active IOCs

Quasar RAT aka CinaRAT – Active IOCs

DslogdRAT Deployed via Ivanti Connect Secure Exploit – Active IOCs

Threat Insights

About Us

Our Leadership

CSR

Connect with Us

Rewterz Threat Advisory – Multiple IBM Navigator for i Vulnerabilities

Rewterz Threat Advisory – CVE-2022-46771 – IBM UrbanCode Deploy (UCD) Vulnerability

The Wait Is Over!

The Rewterz Annual Threat Intelligence Report 2024 is finally here.