Rewterz

Rewterz Threat Alert – ALPHV Ransomware Gang Stole Over $300 Million from More Than 1000 Victims

December 22, 2023
Rewterz

Rewterz Threat Advisory – Multiple IBM UrbanCode Deploy Vulnerabilities

December 22, 2023

Rewterz Threat Advisory – Multiple IBM Products Vulnerabilities

Severity

Medium

Analysis Summary

CVE-2023-40691 CVSS:4.9

IBM Cloud Pak for Business Automation 18.0.0, 18.0.1, 18.0.2, 19.0.1, 19.0.2, 19.0.3, 20.0.1, 20.0.2, 20.0.3, 21.0.1, 21.0.2, 21.0.3, 22.0.1, and 22.0.2 may reveal sensitive information contained in application configuration to developer and administrator users.

CVE-2023-46177 CVSS:6.5

IBM MQ Appliance 9.3 LTS and 9.3 CD could allow a remote attacker to traverse directories on the system. An attacker could send a specially crafted URL request to view arbitrary files on the system.

CVE-2023-45172 CVSS:6.2

IBM AIX 7.2, 7.3, and VIOS 3.1 could allow a non-privileged local user to exploit a vulnerability in AIX Windows to cause a denial of service.

CVE-2023-35895 CVSS:6.3

IBM Informix JDBC Driver 4.10 and 4.50 is susceptible to remote code execution attack via JNDI injection when passing an unchecked argument to a certain API.

Impact

  • Denial of Service
  • Information Disclosure
  • Cross-Site Scripting

Indicators Of Compromise

CVE

  • CVE-2023-40691
  • CVE-2023-46177
  • CVE-2023-45172
  • CVE-2023-35895

Affected Vendors

IBM

Affected Products

  • IBM AIX 7.2
  • IBM VIOS 3.1
  • IBM AIX 7.3
  • IBM Cloud Pak for Business Automation 18.0.0
  • IBM Cloud Pak for Business Automation 18.0.1
  • IBM Cloud Pak for Business Automation 18.0.2
  • IBM Cloud Pak for Business Automation 19.0.1
  • IBM Cloud Pak for Business Automation 19.0.2
  • IBM Cloud Pak for Business Automation 19.0.3
  • IBM Cloud Pak for Business Automation 20.0.1
  • IBM Cloud Pak for Business Automation 20.0.2
  • IBM Cloud Pak for Business Automation 20.0.3
  • IBM Cloud Pak for Business Automation 21.0.1
  • IBM Cloud Pak for Business Automation 21.0.3
  • IBM MQ Appliance 9.3 CD
  • IBM MQ Appliance 9.3 LTS
  • IBM Cloud Pak for Business Automation 22.0.2
  • IBM Cloud Pak for Business Automation 23.0.1
  • IBM Informix JDBC 4.10
  • IBM Informix JDBC 4.50

Remediation

Refer to IBM Security Advisory for patch, upgrade or suggested workaround information.

IBM Security Advisory

Reading this advisory was a good start.

Make it a habit.

Rewterz publishes threat advisories ahead of mainstream cybersecurity media, informed by an AI-Native Autonomous SOC that sees regional threat actor activity in real time. Subscribe to receive each new advisory as it publishes, plus a monthly Middle East threat landscape brief drawn from our own SOC telemetry. For teams evaluating their detection coverage, a 30-minute consultation with a senior analyst is also available, at your pace, when you're ready.