May 29, 2025
Proactive Defense: The Importance of Incident Response Planning in Cybersecurity
Gh0st RAT – Active IOCs
October 29, 2024
Several U.S. Telecom Providers Compromised by Chinese Threat Actors
October 29, 2024
Gh0st RAT – Active IOCs
October 29, 2024
Several U.S. Telecom Providers Compromised by Chinese Threat Actors
October 29, 2024
Severity
Medium
Analysis Summary
CVE-2024-43191 CVSS:7.2
IBM ManageIQ could allow a remote authenticated attacker to execute arbitrary commands on the system by sending a specially crafted yaml file request.
CVE-2024-43177 CVSS:5.9
IBM Concert 1.0.0 and 1.0.1 could allow an attacker to perform unauthorized actions due to improper certificate validation.
CVE-2024-45073 CVSS:4.8
IBM WebSphere Application Server 8.5 and 9.0 is vulnerable to stored cross-site scripting. This vulnerability allows a privileged user to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session.
CVE-2023-46175 CVSS:4.4
IBM Cloud Pak for Multicloud Management 2.3 through 2.3 FP8 stores user credentials in a log file plain clear text which can be read by a privileged user.
CVE-2024-31899 CVSS:4.3
IBM Cognos Command Center 10.2.4.1 and 10.2.5 could disclose highly sensitive user information to an authenticated user with physical access to the device.
Impact
- Gain Access
- Cross-Site Scripting
- Information Disclosure
Indicators of Compromise
CVE
- CVE-2024-43191
- CVE-2024-43177
- CVE-2024-45073
- CVE-2023-46175
- CVE-2024-31899
Affected Vendors
IBM
Affected Products
- IBM WebSphere Application Server 8.5
- IBM Cloud Pak for Multicloud Management 2.3
- IBM Cloud Pak for Multicloud Management 2.3 FP8
- IBM Concert 1.0.0
- IBM Concert 1.0.1
- IBM Cloud Pak for Multicloud Management - 2.3
- IBM WebSphere Applicaiton Server 9.0
- IBM Cognos Command Center 10.2.4.1
- IBM Cognos Command Center 10.2.5
Remediation
Refer to IBM Security Advisory for patch, upgrade or suggested workaround information.
