Initiatieven voor
    
    Als nationale autoriteit voor cyberveiligheid heeft het CCB verschillende initiatieven ontwikkeld voor specifieke doelgroepen die hier worden gepresenteerd.
      
     
                  Reference:
Advisory #2023-99
Version:
1.0
Affected software:
IBM Security Guardium version 10.6
IBM Security Guardium version 11.3
IBM Security Guardium version 11.4
IBM Security Guardium version 11.5
Type:
Remote code execution (RCE)
CVE/CVSS:
CVE-2023-35893 CVSS score : 9.9 (critical)
CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H
https://www.ibm.com/support/pages/node/7027853
By successfully exploiting CVE-2023-35893, a remote authenticated attacker could execute arbitrary commands on the system by sending a specially crafted request.
CVE-2023-35893has a high impact on all vertices of the CIA triad (Confidentiality, Integrity, Availability).
The Centre for Cyber security Belgium recommends system administrators to patch vulnerable systems as soon as possible and to analyse system and network logs for any suspicious activity. If your organization has already identified an intrusion or incident, please report it via: https://ccb.belgium.be/cert/report-incident.
IBM Security Guardium is a data protection platform formerly known as IBM InfoSphere Guardium. It can be used by security teams to automatically analyze data environments considered sensitive.
CVE-2023-35893 is a command injection vulnerability due to improper neutralization of special elements used in OS command.
IBM recommends  upgrading your software:
•    For IBM Security Guardium version 10.6, the fix is available at https://www.ibm.com/support/fixcentral/swg/quickorder?parent=IBM%20Security&product=ibm/Information+Management/InfoSphere+Guardium&release=10.0&platform=Linux&function=fixId&fixids=SqlGuard_10.0p1023_Security-Fix&includeSupersedes=0&source=fc  
•    For IBM Security Guardium version 11.3, the fix is available at https://www.ibm.com/support/fixcentral/swg/quickorder?parent=IBM%20Security&product=ibm/Information+Management/InfoSphere+Guardium&release=11.0&platform=Linux&function=fixId&fixids=SqlGuard_11.0p387_Security-Fix&includeSupersedes=0&source=fc
•    For IBM Security Guardium version 11.4, the fix is available at https://www.ibm.com/support/fixcentral/swg/quickorder?parent=IBM%20Security&product=ibm/Information+Management/InfoSphere+Guardium&release=11.0&platform=Linux&function=fixId&fixids=SqlGuard_11.0p476_Security-Fix&includeSupersedes=0&source=fc  
•    For IBM Security Guardium version 11.5, the fix is available at https://www.ibm.com/support/fixcentral/swg/quickorder?parent=IBM%20Security&product=ibm/Information+Management/InfoSphere+Guardium&release=11.0&platform=Linux&function=fixId&fixids=SqlGuard_11.0p528_Security-Fix&includeSupersedes=0&source=fc
The Centre for Cyber security Belgium recommends system administrators to patch vulnerable systems as soon as possible and to analyse system and network logs for any suspicious activity. If your organization has already identified an intrusion or incident, please report it via: https://ccb.belgium.be/cert/report-incident.