March 11, 2025
Proactive Defense: The Importance of Incident Response Planning in Cybersecurity
Rewterz Threat Advisory – Multiple IBM UrbanCode Deploy Vulnerabilities
December 22, 2023Rewterz Threat Alert – Gafgyt aka Bashlite Malware – Active IOCs
December 23, 2023Rewterz Threat Advisory – Multiple IBM UrbanCode Deploy Vulnerabilities
December 22, 2023Rewterz Threat Alert – Gafgyt aka Bashlite Malware – Active IOCs
December 23, 2023
Severity
Medium
Analysis Summary
CVE-2023-45185 CVSS:7.4
IBM i Access Client Solutions 1.1.2 through 1.1.4 and 1.1.4.3 through 1.1.9.3 could allow an attacker to execute remote code. Due to improper authority checks the attacker could perform operations on the PC under the user’s authority.
CVE-2023-45182 CVSS:7.1
IBM i Access Client Solutions 1.1.2 through 1.1.4 and 1.1.4.3 through 1.1.9.3 is vulnerable to having its key for an encrypted password decoded. By somehow gaining access to the encrypted password, a local attacker could exploit this vulnerability to obtain the password to other systems.
CVE-2023-47741 CVSS:5.4
IBM i 7.3, 7.4, 7.5, IBM i Db2 Mirror for i 7.4 and 7.5 web browser clients may leave clear-text passwords in browser memory that can be viewed using common browser tools before the memory is garbage collected. A malicious actor with access to the victim’s PC could exploit this vulnerability to gain access to the IBM i operating system.
Impact
- Code Execution
- Information Disclosure
Indicators Of Compromise
CVE
- CVE-2023-45185
- CVE-2023-45182
- CVE-2023-47741
Affected Vendors
IBM
Affected Products
- IBM i 7.3
- IBM i 7.4
- IBM i Access Client Solutions 1.1.2
- IBM i Access Client Solutions 1.1.4
- IBM i Access Client Solutions 1.1.4.3
- IBM i 7.5
- IBM i Access Client Solutions 1.1.9.3
- IBM Db2 Mirror for i 7.4
- IBM Db2 Mirror for i 7.5
Remediation
Refer to IBM Security Advisory for patch, upgrade or suggested workaround information.