Rewterz

Multiple IBM Products Vulnerabilities

August 12, 2024

Penetration Testing vs. Vulnerability Scanning: What’s the Difference?

August 12, 2024

Multiple Apache Products Vulnerabilities

Severity

High

Analysis Summary

CVE-2024-30188 CVS:8.1

Apache DolphinScheduler could allow a remote authenticated attacker to bypass security restrictions, caused by improper authorization validation. By sending a specially crafted request, an attacker could exploit this vulnerability to perform arbitrary read and write to the resource files.

CVE-2024-42447 CVSS:7.5

Apache Airflow Providers FAB could allow a remote attacker to bypass security restrictions, caused by insufficient session expiration. By sending a specially crafted request, an attacker could exploit this vulnerability to gain access to another user session.

CVE-2024-42222 CVSS:5.3

Apache CloudStack could allow a remote attacker to obtain sensitive information, caused by improper authorization validation. By sending a specially crafted request, an attacker could exploit this vulnerability to obtain list access of network details for domain admin and normal user accounts, and use this information to launch further attacks against the affected system.

Impact

  • Security Bypass
  • Information Obtain

Indicators of Compromise

CVE

  • CVE-2024-30188
  • CVE-2024-42447
  • CVE-2024-42222

Affected Vendors

Apache

Affected Products

  • Apache CloudStack 4.19.1.0
  • Apache DolphinScheduler 3.2.1
  • Apache Airflow Providers FAB 1.2.0
  • Apache Airflow Providers FAB 1.2.1

Remediation

Upgrade to the latest version of Apache, available from the Apache Website.

CVE-2024-30188

CVE-2024-42447

CVE-2024-42222

Reading this advisory was a good start.

Make it a habit.

Rewterz publishes threat advisories ahead of mainstream cybersecurity media, informed by an AI-Native Autonomous SOC that sees regional threat actor activity in real time. Subscribe to receive each new advisory as it publishes, plus a monthly Middle East threat landscape brief drawn from our own SOC telemetry. For teams evaluating their detection coverage, a 30-minute consultation with a senior analyst is also available, at your pace, when you're ready.