Cyber Security News

IBM QRadar SIEM Bug Let Remote Attacker Trigger DoS

Multiple vulnerabilities have been found in IBM QRadar WinCollect that could allow a threat actor to cause a denial of service and disrupt the service. They are tracked as CVE-2023-38039, CVE-2023-1255, and CVE-2022-25883.

IBM has released security patches that fix these vulnerabilities, along with a security advisory, and users are urged to apply them.

CVE-2022-25883: Denial of Service in Node.js semver package

This vulnerability is a regular expression denial-of-service (ReDoS) flaw in the new Range function of the Node.js semver package. A threat actor could use a specially crafted regex input to exploit this vulnerability. The severity of this vulnerability has been given as 5.3 (Medium).

CVE-2023-1255: Denial of Service in OpenSSL

This vulnerability exists in OpenSSL due to a flaw in the implementation of AES-XTS cipher decryption for 64-bit ARM platforms. A threat actor could send a specially crafted request that could crash the application. The severity of this vulnerability has been given as 3.7 (Low).


CVE-2023-38039: Denial of Service in cURL libcurl

This vulnerability exists in the cURL libcurl library due to insufficient limitation of the number and size of headers accepted in a response. A threat actor could send a specially crafted request, which could exhaust the heap memory and result in a denial of service condition. The severity of this vulnerability has been given as 7.5 (High).
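The missing control described above is a cap on how many header lines, and how many header bytes in total, a client will accept from a response. The following is an added illustration of such a cap, not code from curl, libcurl or IBM; the function names, limits and sample inputs are assumptions made for this example.

```python
import io

# Assumed caps for illustration only; not values from the IBM advisory or curl.
MAX_HEADER_COUNT = 100
MAX_HEADER_BYTES = 64 * 1024


class HeaderLimitExceeded(Exception):
    """The header block exceeded the configured count or size cap."""


def read_headers(stream, max_count=MAX_HEADER_COUNT, max_bytes=MAX_HEADER_BYTES):
    """Read an HTTP/1.x header block (status line already consumed), capped."""
    headers, total = [], 0
    while True:
        # Cap each read at the remaining budget + 1: oversized lines are never buffered whole.
        line = stream.readline(max_bytes - total + 1)
        total += len(line)
        if total > max_bytes:
            raise HeaderLimitExceeded(f"header block exceeds {max_bytes} bytes")
        if not line.endswith(b"\n"):
            raise ValueError("stream ended before the end of the headers")
        if line in (b"\r\n", b"\n"):
            return headers  # stream is now positioned at the body
        if len(headers) >= max_count:
            raise HeaderLimitExceeded(f"more than {max_count} header lines")
        name, sep, value = line.decode("latin-1").partition(":")
        if not sep:
            raise ValueError("malformed header line")
        headers.append((name.strip(), value.strip()))


def classify(raw):
    """Return 'ok', 'rejected' or 'malformed' for a constructed header block."""
    try:
        read_headers(io.BytesIO(raw))
        return "ok"
    except HeaderLimitExceeded:
        return "rejected"
    except ValueError:
        return "malformed"


# Constructed sample inputs (not captured traffic).
NORMAL = b"Content-Type: text/html\r\nContent-Length: 4\r\n\r\nbody"
MANY = b"X-Pad: a\r\n" * 10_000 + b"\r\n"          # too many header lines
HUGE = b"X-Big: " + b"A" * 200_000 + b"\r\n\r\n"   # one oversized header

if __name__ == "__main__":
    print({name: classify(raw) for name, raw in (("normal", NORMAL), ("many", MANY), ("huge", HUGE))})
```

The byte budget covers the whole header block, including the terminating blank line, so a peer cannot stay under a per-line limit while growing the total without bound.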

A complete report has been published by IBM, providing detailed information on these and many other vulnerabilities.

Affected Products & Fixed in Version

| Affected Product(s) | Version(s) | Fixed in Version |
| --- | --- | --- |
| QRadar WinCollect Agent | 10.0-10.1.7 | WinCollect Standalone Agent 10.1.8 Versions: WinCollect Agent MSI (64-bit) – Standalone only; WinCollect Agent MSI (32-bit) – Standalone only |

Users of this product are advised to upgrade to the latest version to prevent threat actors from exploiting these vulnerabilities.

Eswar

Eswar is a cyber security reporter with a passion for creating captivating and informative content. With years of experience in cyber security, he reports on data breaches, privacy, and APT threats.
