April 23, 2025
Proactive Defense: The Importance of Incident Response Planning in Cybersecurity
Stealc Information Stealer Malware – Active IOCs
March 19, 2025Rhadamanthys Stealer – Active IOCs
March 19, 2025Stealc Information Stealer Malware – Active IOCs
March 19, 2025Rhadamanthys Stealer – Active IOCs
March 19, 2025
Severity
High
Analysis Summary
CVE-2024-56347 CVSS:9.6
IBM AIX 7.2 and 7.3 nimsh service SSL/TLS protection mechanisms could allow a remote malicious user to execute arbitrary commands due to improper process controls.
CVE-2024-56346 CVSS:10
IBM AIX 7.2 and 7.3 nimesis NIM master service could allow a remote malicious user to execute arbitrary commands due to improper process controls.
CVE-2024-49822 CVSS:4.1
IBM QRadar Advisor 1.0.0 up to and including 2.6.5 is vulnerable to server-side request forgery (SSRF). This may allow an authenticated malicious user to send unauthorized requests from the system, potentially leading to network enumeration or facilitating other attacks.
Impact
- Gain Access
Indicators of Compromise
CVE
CVE-2024-56347
CVE-2024-56346
CVE-2024-49822
Affected Vendors
- IBM
Affected Products
- IBM AIX 7.2
- IBM AIX 7.3
- IBM Qradar Advisor 1.0.0 - 2.6.5
Remediation
Refer to IBM Security Advisory for patch, upgrade, or suggested workaround information.
