

Rewterz Threat Advisory – Multiple Apache Solr Vulnerabilities
February 12, 2024
Rewterz Threat Alert – New RustDoor MacOS Malware Linked to ALPHV/BlackCat Ransomware Gang Impersonates Visual Studio Update – Active IOCs
February 12, 2024
Severity
Medium
Analysis Summary
CVE-2024-22332 CVSS:6.5
The IBM Integration Bus for z/OS 10.1 through 10.1.0.2 AdminAPI is vulnerable to a denial of service due to file system exhaustion.
CVE-2024-22318 CVSS:5.1
IBM i Access Client Solutions (ACS) 1.1.2 through 1.1.4 and 1.1.4.3 through 1.1.9.4 is vulnerable to NT LAN Manager (NTLM) hash disclosure by an attacker modifying UNC-capable paths within ACS configuration files to point to a hostile server. If NTLM is enabled, the Windows operating system will try to authenticate using the current user’s session. The hostile server could capture the NTLM hash information to obtain the user’s credentials.
CVE-2023-45191 CVSS:7.5
IBM Engineering Lifecycle Optimization 7.0.2 and 7.0.3 uses an inadequate account lockout setting that could allow a remote attacker to brute force account credentials.
CVE-2023-45190 CVSS:5.1
IBM Engineering Lifecycle Optimization 7.0.2 and 7.0.3 is vulnerable to HTTP header injection, caused by improper validation of input in the HOST header. This could allow an attacker to conduct various attacks against the vulnerable system, including cross-site scripting, cache poisoning or session hijacking.
CVE-2023-45187 CVSS:6.3
IBM Engineering Lifecycle Optimization – Publishing 7.0.2 and 7.0.3 does not invalidate the session after logout, which could allow an authenticated user to impersonate another user on the system.
CVE-2023-42016 CVSS:4.3
IBM Sterling B2B Integrator Standard Edition 6.0.0.0 through 6.0.3.8 and 6.1.0.0 through 6.1.2.3 does not set the Secure attribute on authorization tokens or session cookies. Attackers may be able to get the cookie values by sending an http:// link to a user or by planting this link in a site the user visits. The cookie will be sent to the insecure link, and the attacker can then obtain the cookie value by snooping the traffic.
CVE-2023-32341 CVSS:6.5
IBM Sterling B2B Integrator 6.0.0.0 through 6.0.3.8 and 6.1.0.0 through 6.1.2.3 could allow an authenticated user to cause a denial of service due to uncontrolled resource consumption.
Impact
- Denial of Service
- Gain Access
- Information Disclosure
Indicators Of Compromise
CVE
- CVE-2024-22332
- CVE-2024-22318
- CVE-2023-45191
- CVE-2023-45190
- CVE-2023-45187
- CVE-2023-42016
- CVE-2023-32341
Affected Vendors
IBM
Affected Products
- IBM Sterling B2B Integrator 6.0.0.0
- IBM Sterling B2B Integrator 6.1.0.0
- IBM Engineering Lifecycle Optimization Publishing 7.0.2
- IBM Sterling B2B Integrator 6.0.3.8
- IBM Integration Bus for z/OS 10.1
- IBM Integration Bus for z/OS 10.1.0.2
- IBM i Access Family 1.1.2
- IBM i Access Family 1.1.4
- IBM i Access Family 1.1.4.3
- IBM i Access Family 1.1.9.4
- IBM Engineering Lifecycle Optimization Publishing 7.0.3
- IBM Sterling B2B Integrator 6.1.2.3
Remediation
Refer to IBM Security Advisory for patch, upgrade or suggested workaround information.