Rewterz
Rewterz Threat Advisory – Multiple IBM Products Vulnerabilities

Severity

Medium

Analysis Summary

CVE-2024-22332 CVSS:6.5

The IBM Integration Bus for z/OS 10.1 through 10.1.0.2 AdminAPI is vulnerable to a denial of service due to file system exhaustion.

CVE-2024-22318 CVSS:5.1

IBM i Access Client Solutions (ACS) 1.1.2 through 1.1.4 and 1.1.4.3 through 1.1.9.4 is vulnerable to NT LAN Manager (NTLM) hash disclosure by an attacker modifying UNC-capable paths within ACS configuration files to point to a hostile server. If NTLM is enabled, the Windows operating system will try to authenticate to that server using the current user's session. The hostile server could capture the NTLM hash information to obtain the user's credentials.
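A practical check for the configuration-tampering path described above is to scan the ACS configuration files for UNC paths whose host is not on an allow-list of known file servers. The following Python is an added example, not IBM tooling; the sample configuration, its property keys and the trusted host name are constructed for illustration.

```python
"""Flag UNC paths in configuration files that point at hosts outside an
allow-list. Added illustration of the check, not IBM tooling; the sample
configuration and its property keys are constructed."""
import re
from collections.abc import Iterable

# A UNC-capable path: \\host\share... or //host/share...  Because Java
# properties files escape backslashes, "\\\\host" on disk also matches
# (the regex skips ahead to the last two backslashes before the host).
UNC_RE = re.compile(r"(?:\\\\|//)(?P<host>[^\\/\s;,]+)[\\/]")


def unc_hosts(line: str) -> list[str]:
    """Return the lower-cased host of every UNC path found on one line."""
    return [m.group("host").lower() for m in UNC_RE.finditer(line)]


def find_untrusted_unc(lines: Iterable[str], trusted_hosts: Iterable[str]):
    """Return (line_no, host, line) for each UNC host not in trusted_hosts.
    Lines starting with '#' or '!' are properties-file comments and skipped."""
    trusted = {h.lower() for h in trusted_hosts}
    findings = []
    for n, raw in enumerate(lines, 1):
        line = raw.strip()
        if not line or line[0] in "#!":
            continue
        for host in unc_hosts(line):
            if host not in trusted:
                findings.append((n, host, line))
    return findings


def scan_config_text(text: str, trusted_hosts: Iterable[str]):
    """Convenience wrapper over a whole file's contents."""
    return find_untrusted_unc(text.splitlines(), trusted_hosts)


# Constructed sample in Java-properties style; the keys are hypothetical and
# do not correspond to real ACS settings.
SAMPLE_CONFIG = """\
# constructed sample in Java-properties style; keys are hypothetical
com.ibm.iaccess.base.config=\\\\fileserver01.corp.example\\acs\\config
com.ibm.iaccess.plugins.dir=C:\\Users\\alice\\IBM\\ClientSolutions
# the next entry has been pointed at an attacker-controlled host
com.ibm.iaccess.update.path=\\\\203.0.113.7\\updates
com.ibm.iaccess.java.home=//fileserver01.corp.example/jre
"""

if __name__ == "__main__":
    trusted = {"fileserver01.corp.example"}
    for n, host, line in scan_config_text(SAMPLE_CONFIG, trusted):
        print(f"line {n}: UNC path to untrusted host {host!r}: {line}")
```

Run it against the real configuration files on each workstation (or ship the findings to your SIEM); a local drive path such as C:\Users\... is not a UNC path and is ignored, while the entry pointing at 203.0.113.7 is reported.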

CVE-2023-45191 CVSS:7.5

IBM Engineering Lifecycle Optimization 7.0.2 and 7.0.3 uses an inadequate account lockout setting that could allow a remote attacker to brute force account credentials.

CVE-2023-45190 CVSS:5.1

IBM Engineering Lifecycle Optimization 7.0.2 and 7.0.3 is vulnerable to HTTP header injection, caused by improper validation of the HTTP Host header. Because the unvalidated value is reflected into responses, an attacker could conduct various attacks against the vulnerable system, including cross-site scripting, cache poisoning or session hijacking.
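The defence against this class of bug is to stop trusting the Host header when building redirects or absolute URLs. The Python below is an added example that shows the naive reflection beside a hardened version; it is not IBM's code or a patch for the product, and the host names and allow-list are assumptions.

```python
"""Naive Host-header reflection beside a hardened, allow-listed version.
Added example, not IBM's code; host names and the allow-list are assumed."""
import re
from typing import Optional

# RFC 1123 host name (or dotted IPv4) with an optional :port.
# Bracketed IPv6 literals are deliberately not accepted here.
_HOST_RE = re.compile(
    r"^(?P<host>(?:[a-z0-9](?:[a-z0-9-]{0,61}[a-z0-9])?\.)*"
    r"[a-z0-9](?:[a-z0-9-]{0,61}[a-z0-9])?)"
    r"(?::(?P<port>\d{1,5}))?$"
)


def naive_location(host_header: str, path: str) -> str:
    """Vulnerable pattern: the raw Host value is copied into a response
    header. CR/LF in the value lets an attacker append further headers."""
    return f"https://{host_header}{path}"


def normalize_host(value: Optional[str]) -> Optional[str]:
    """Return 'host' or 'host:port' in canonical lower-case form, or None
    when the value is syntactically invalid or contains characters that
    would split a response header."""
    if value is None or len(value) > 255:
        return None
    v = value.strip().lower()
    if any(c in v for c in "\r\n\x00 \t"):
        return None
    m = _HOST_RE.match(v)
    if not m:
        return None
    port = m.group("port")
    if port is not None and not 1 <= int(port) <= 65535:
        return None
    return f"{m.group('host')}:{port}" if port else m.group("host")


def safe_location(host_header: Optional[str], path: str,
                  allowed_hosts: set, default_host: str) -> str:
    """Hardened pattern: the Host value is used only if it normalizes to an
    allow-listed entry; otherwise the configured canonical host is used."""
    host = normalize_host(host_header)
    if host is None or host not in allowed_hosts:
        host = default_host
    # The path must also be header-safe: reject control characters and
    # anything that is not a server-relative path.
    if not path.startswith("/") or any(c in path for c in "\r\n\x00"):
        path = "/"
    return f"https://{host}{path}"


if __name__ == "__main__":
    allowed = {"elm.example.com", "elm.example.com:9443"}
    evil = "evil.example\r\nSet-Cookie: sid=attacker"
    print(repr(naive_location(evil, "/rm/web")))
    print(safe_location(evil, "/rm/web", allowed, "elm.example.com"))
```

The allow-list should contain exactly the host names (and ports) the server is published under; anything else falls back to the canonical host rather than being echoed back to the client.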

CVE-2023-45187 CVSS:6.3

IBM Engineering Lifecycle Optimization – Publishing 7.0.2 and 7.0.3 does not invalidate session after logout which could allow an authenticated user to impersonate another user on the system.

CVE-2023-42016 CVSS:4.3

IBM Sterling B2B Integrator Standard Edition 6.0.0.0 through 6.0.3.8 and 6.1.0.0 through 6.1.2.3 does not set the secure attribute on authorization tokens or session cookies. Attackers may be able to obtain the cookie values by sending an http:// link to a user or by planting such a link in a site the user visits. The browser will send the cookie to the plaintext link, and an attacker positioned on the network can then read the cookie value from the traffic.
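A quick way to verify the fix, or to find the same weakness elsewhere, is to audit the Set-Cookie headers a server returns for the Secure attribute (and, while there, HttpOnly and SameSite). The following Python is an added example, not IBM's code; the cookie names and header lines are constructed, with the first line showing the weak form and the second the hardened one.

```python
"""Audit Set-Cookie headers for missing Secure / HttpOnly / SameSite
attributes. Added example, not IBM's code; header lines are constructed."""


def parse_set_cookie(header_value: str) -> dict:
    """Split one Set-Cookie value into name, value and a lower-cased
    attribute map (flag attributes such as Secure map to '')."""
    parts = [p.strip() for p in header_value.split(";")]
    name, _, value = parts[0].partition("=")
    attrs = {}
    for attr in parts[1:]:
        if not attr:
            continue
        k, _, v = attr.partition("=")
        attrs[k.strip().lower()] = v.strip()
    return {"name": name.strip(), "value": value.strip(), "attrs": attrs}


def audit_cookies(set_cookie_headers, session_names=("jsessionid", "authtoken")):
    """Return {cookie_name: [problems]} for session/authorization cookies
    that lack protective attributes. Cookies not in session_names are
    ignored, since non-sensitive cookies are allowed to be plaintext."""
    problems = {}
    for header in set_cookie_headers:
        cookie = parse_set_cookie(header)
        if cookie["name"].lower() not in session_names:
            continue
        a = cookie["attrs"]
        issues = []
        if "secure" not in a:
            issues.append("missing Secure: sent over plaintext http:// links")
        if "httponly" not in a:
            issues.append("missing HttpOnly: readable from script")
        if a.get("samesite", "").lower() not in ("lax", "strict"):
            issues.append("SameSite not Lax/Strict: attached to cross-site requests")
        if issues:
            problems[cookie["name"]] = issues
    return problems


# Constructed Set-Cookie lines: the first is the weak form described in the
# advisory (no Secure attribute), the second is the hardened form.
SAMPLE_HEADERS = [
    "JSESSIONID=0000A1B2C3D4E5F6; Path=/; HttpOnly",
    "authToken=7f3c9a1e5d2b4c8a; Path=/; Secure; HttpOnly; SameSite=Strict",
    "ui_lang=en; Path=/",
]

if __name__ == "__main__":
    for name, issues in audit_cookies(SAMPLE_HEADERS).items():
        for issue in issues:
            print(f"{name}: {issue}")
```

To use it against a live instance, collect every Set-Cookie header from an authenticated response (for example with a proxy or `urllib`) and pass the list in; the cookie names to treat as sensitive should be adjusted to those the product actually issues.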

CVE-2023-32341 CVSS:6.5

IBM Sterling B2B Integrator 6.0.0.0 through 6.0.3.8 and 6.1.0.0 through 6.1.2.3 could allow an authenticated user to cause a denial of service due to uncontrolled resource consumption.

Impact

  • Denial of Service
  • Gain Access
  • Information Disclosure

Indicators Of Compromise

CVE

  • CVE-2024-22332
  • CVE-2024-22318
  • CVE-2023-45191
  • CVE-2023-45190
  • CVE-2023-45187
  • CVE-2023-42016
  • CVE-2023-32341

Affected Vendors

IBM

Affected Products

  • IBM Sterling B2B Integrator 6.0.0.0
  • IBM Sterling B2B Integrator 6.1.0.0
  • IBM Engineering Lifecycle Optimization Publishing 7.0.2
  • IBM Sterling B2B Integrator 6.0.3.8
  • IBM Integration Bus for z/OS 10.1
  • IBM Integration Bus for z/OS 10.1.0.2
  • IBM i Access Family 1.1.2
  • IBM i Access Family 1.1.4
  • IBM i Access Family 1.1.4.3
  • IBM i Access Family 1.1.9.4
  • IBM Engineering Lifecycle Optimization Publishing 7.0.3
  • IBM Sterling B2B Integrator 6.1.2.3

Remediation

Refer to the IBM Security Bulletin for each CVE for patch, upgrade or suggested workaround information:

  • CVE-2024-22332
  • CVE-2024-22318
  • CVE-2023-45191
  • CVE-2023-45190
  • CVE-2023-45187
  • CVE-2023-42016
  • CVE-2023-32341