https://vulnerability.circl.lu Contains only the most 10 recent sightings. http://www.rssboard.org/rss-specification python-feedgen en Fri, 29 May 2026 17:53:49 +0000 https://vulnerability.circl.lu/sighting/548d6a64-43e7-4753-a6fc-a39276597cd2/export {"uuid": "548d6a64-43e7-4753-a6fc-a39276597cd2", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-20270", "type": "seen", "source": "https://t.me/ctinow/169407", "content": "https://ift.tt/mMdVQAv\nCVE-2024-20270", "creation_timestamp": "2024-01-17T18:27:26.000000Z"} {"uuid": "548d6a64-43e7-4753-a6fc-a39276597cd2", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-20270", "type": "seen", "source": "https://t.me/ctinow/169407", "content": "https://ift.tt/mMdVQAv\nCVE-2024-20270", "creation_timestamp": "2024-01-17T18:27:26.000000Z"} https://vulnerability.circl.lu/sighting/548d6a64-43e7-4753-a6fc-a39276597cd2/export Wed, 17 Jan 2024 18:27:26 +0000 https://vulnerability.circl.lu/sighting/41328d4e-2ce5-4cd7-89e3-853f09bb0d1c/export {"uuid": "41328d4e-2ce5-4cd7-89e3-853f09bb0d1c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-20272", "type": "seen", "source": "https://t.me/ctinow/169408", "content": "https://ift.tt/k06xDvX\nCVE-2024-20272", "creation_timestamp": "2024-01-17T18:27:28.000000Z"} {"uuid": "41328d4e-2ce5-4cd7-89e3-853f09bb0d1c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-20272", "type": "seen", "source": "https://t.me/ctinow/169408", "content": "https://ift.tt/k06xDvX\nCVE-2024-20272", "creation_timestamp": "2024-01-17T18:27:28.000000Z"} https://vulnerability.circl.lu/sighting/41328d4e-2ce5-4cd7-89e3-853f09bb0d1c/export Wed, 17 Jan 2024 18:27:28 +0000 https://vulnerability.circl.lu/sighting/e2c0dcec-11d3-4762-92ae-da420ff3e9f1/export {"uuid": "e2c0dcec-11d3-4762-92ae-da420ff3e9f1", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-20277", "type": "seen", "source": "https://t.me/ctinow/169409", "content": "https://ift.tt/Q0VGgZl\nCVE-2024-20277", "creation_timestamp": "2024-01-17T18:27:31.000000Z"} {"uuid": "e2c0dcec-11d3-4762-92ae-da420ff3e9f1", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-20277", "type": "seen", "source": "https://t.me/ctinow/169409", "content": "https://ift.tt/Q0VGgZl\nCVE-2024-20277", "creation_timestamp": "2024-01-17T18:27:31.000000Z"} https://vulnerability.circl.lu/sighting/e2c0dcec-11d3-4762-92ae-da420ff3e9f1/export Wed, 17 Jan 2024 18:27:31 +0000 https://vulnerability.circl.lu/sighting/6062debf-0a92-4a64-a35a-e174e89eb935/export {"uuid": "6062debf-0a92-4a64-a35a-e174e89eb935", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-20272", "type": "seen", "source": "https://t.me/ctinow/174976", "content": "https://ift.tt/DtRJdAr\nCVE-2024-20272 | Cisco Unity Connection unrestricted upload (cisco-sa-cuc-unauth-afu-FROYsCsD)", "creation_timestamp": "2024-01-28T16:26:53.000000Z"} {"uuid": "6062debf-0a92-4a64-a35a-e174e89eb935", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-20272", "type": "seen", "source": "https://t.me/ctinow/174976", "content": "https://ift.tt/DtRJdAr\nCVE-2024-20272 | Cisco Unity Connection unrestricted upload (cisco-sa-cuc-unauth-afu-FROYsCsD)", "creation_timestamp": "2024-01-28T16:26:53.000000Z"} https://vulnerability.circl.lu/sighting/6062debf-0a92-4a64-a35a-e174e89eb935/export Sun, 28 Jan 2024 16:26:53 +0000 https://vulnerability.circl.lu/sighting/06ae62a2-e7f7-4f46-bafe-98ed2df33698/export {"uuid": "06ae62a2-e7f7-4f46-bafe-98ed2df33698", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-20277", "type": "seen", "source": "https://t.me/ctinow/174977", "content": "https://ift.tt/3kaD5AU\nCVE-2024-20277 | Cisco ThousandEyes Enterprise Agent Virtual Appliance Web-based Management Interface Privilege Escalation (cisco-sa-thouseyes-privesc-DmzHG3Qv)", "creation_timestamp": "2024-01-28T16:26:54.000000Z"} {"uuid": "06ae62a2-e7f7-4f46-bafe-98ed2df33698", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-20277", "type": "seen", "source": "https://t.me/ctinow/174977", "content": "https://ift.tt/3kaD5AU\nCVE-2024-20277 | Cisco ThousandEyes Enterprise Agent Virtual Appliance Web-based Management Interface Privilege Escalation (cisco-sa-thouseyes-privesc-DmzHG3Qv)", "creation_timestamp": "2024-01-28T16:26:54.000000Z"} https://vulnerability.circl.lu/sighting/06ae62a2-e7f7-4f46-bafe-98ed2df33698/export Sun, 28 Jan 2024 16:26:54 +0000 https://vulnerability.circl.lu/sighting/b8674fea-19c5-4023-97ec-0ca86523609e/export {"uuid": "b8674fea-19c5-4023-97ec-0ca86523609e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-20270", "type": "seen", "source": "https://t.me/ctinow/174987", "content": "https://ift.tt/en8KAXl\nCVE-2024-20270 | Cisco BroadWorks Application Delivery Platform Web-based Management Interface cross site scripting (cisco-sa-broadworks-xss-6syj82Ju)", "creation_timestamp": "2024-01-28T18:01:41.000000Z"} {"uuid": "b8674fea-19c5-4023-97ec-0ca86523609e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-20270", "type": "seen", "source": "https://t.me/ctinow/174987", "content": "https://ift.tt/en8KAXl\nCVE-2024-20270 | Cisco BroadWorks Application Delivery Platform Web-based Management Interface cross site scripting (cisco-sa-broadworks-xss-6syj82Ju)", "creation_timestamp": "2024-01-28T18:01:41.000000Z"} https://vulnerability.circl.lu/sighting/b8674fea-19c5-4023-97ec-0ca86523609e/export Sun, 28 Jan 2024 18:01:41 +0000 https://vulnerability.circl.lu/sighting/1db6664a-319f-4e66-847b-e4a21675c45e/export {"uuid": "1db6664a-319f-4e66-847b-e4a21675c45e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-20272", "type": "seen", "source": "https://t.me/cyberden_team/493", "content": "\ud83d\udca5\u0421\u0430\u043c\u044b\u0435 \u0438\u043d\u0442\u0435\u0440\u0435\u0441\u043d\u044b\u0435 CVE \u0437\u0430 \u044f\u043d\u0432\u0430\u0440\u044c 2024 \u0433\u043e\u0434\u0430\n\n\u0412 \u044d\u0442\u043e\u0439 \u043f\u043e\u0434\u0431\u043e\u0440\u043a\u0435 \u043f\u0440\u0435\u0434\u0441\u0442\u0430\u0432\u043b\u0435\u043d\u044b \u0441\u0430\u043c\u044b\u0435 \u0438\u043d\u0442\u0435\u0440\u0435\u0441\u043d\u044b\u0435 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 \u0437\u0430 \u044f\u043d\u0432\u0430\u0440\u044c 2024 \u0433\u043e\u0434\u0430:\n\nCVE-2024-23897\nCVE-2024-0402 - \u041e\u0446\u0435\u043d\u043a\u0430 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 \u043f\u043e\u00a0\u0448\u043a\u0430\u043b\u0435 CVSS 3.1 \u2014\u00a09.9\u00a0\u0431\u0430\u043b\u043b\u043e\u0432.\nCVE-2024-0204 - \u041e\u0446\u0435\u043d\u043a\u0430 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 \u043f\u043e\u00a0\u0448\u043a\u0430\u043b\u0435 CVSS 3.1 \u2014\u00a09.8\u00a0\u0431\u0430\u043b\u043b\u043e\u0432.\nCVE-2024-0230 - \u041e\u0446\u0435\u043d\u043a\u0430 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 \u043f\u043e\u00a0\u0448\u043a\u0430\u043b\u0435 CVSS 3.1 \u2014\u00a02.4\u00a0\u0431\u0430\u043b\u043b\u0430.\nCVE-2024-20253 - \u041e\u0446\u0435\u043d\u043a\u0430 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 \u043f\u043e\u00a0\u0448\u043a\u0430\u043b\u0435 CVSS 3.1 \u2014\u00a09.9\u00a0\u0431\u0430\u043b\u043b\u0430.\nCVE-2024-20272 - \u041e\u0446\u0435\u043d\u043a\u0430 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 \u043f\u043e\u00a0\u0448\u043a\u0430\u043b\u0435 CVSS 3.1 \u2014\u00a07.3\u00a0\u0431\u0430\u043b\u043b\u0430.\nCVE-2024-21591 - \u041e\u0446\u0435\u043d\u043a\u0430 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 \u043f\u043e\u00a0\u0448\u043a\u0430\u043b\u0435 CVSS 3.1 \u2014\u00a09.8\u00a0\u0431\u0430\u043b\u043b\u043e\u0432.\nCVE-2024-0200 - \u041e\u0446\u0435\u043d\u043a\u0430 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 \u043f\u043e\u00a0\u0448\u043a\u0430\u043b\u0435 CVSS 3.1 \u2014\u00a09.8\u00a0\u0431\u0430\u043b\u043b\u043e\u0432.\nCVE-2024-0507 - \u041e\u0446\u0435\u043d\u043a\u0430 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 \u043f\u043e\u00a0\u0448\u043a\u0430\u043b\u0435 CVSS 3.1 \u2014\u00a08.8\u00a0\u0431\u0430\u043b\u043b\u043e\u0432.\nCVE-2024-21737 - \u041e\u0446\u0435\u043d\u043a\u0430 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 \u043f\u043e\u00a0\u0448\u043a\u0430\u043b\u0435 CVSS 3.1 \u2014\u00a09.1\u00a0\u0431\u0430\u043b\u043b\u0430.\nCVE-2024-21672 - \u041e\u0446\u0435\u043d\u043a\u0430 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 \u043f\u043e\u00a0\u0448\u043a\u0430\u043b\u0435 CVSS 3.1 \u2014\u00a08.8\u00a0\u0431\u0430\u043b\u043b\u043e\u0432.\nCVE-2024-21673 - \u041e\u0446\u0435\u043d\u043a\u0430 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 \u043f\u043e\u00a0\u0448\u043a\u0430\u043b\u0435 CVSS 3.1 \u2014\u00a08.8\u00a0\u0431\u0430\u043b\u043b\u043e\u0432.\nCVE-2024-21674 - \u041e\u0446\u0435\u043d\u043a\u0430 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 \u043f\u043e\u00a0\u0448\u043a\u0430\u043b\u0435 CVSS 3.1 \u2014\u00a07.5\u00a0\u0431\u0430\u043b\u043b\u043e\u0432.\nCVE-2024-22197 - \u041e\u0446\u0435\u043d\u043a\u0430 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 \u043f\u043e\u00a0\u0448\u043a\u0430\u043b\u0435 CVSS 3.1 \u2014\u00a08.8\u00a0\u0431\u0430\u043b\u043b\u043e\u0432.\nCVE-2024-22198 - \u041e\u0446\u0435\u043d\u043a\u0430 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 \u043f\u043e\u00a0\u0448\u043a\u0430\u043b\u0435 CVSS 3.1 \u2014\u00a08.8\u00a0\u0431\u0430\u043b\u043b\u043e\u0432.", "creation_timestamp": "2024-02-12T11:59:05.000000Z"} {"uuid": "1db6664a-319f-4e66-847b-e4a21675c45e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-20272", "type": "seen", "source": "https://t.me/cyberden_team/493", "content": "\ud83d\udca5\u0421\u0430\u043c\u044b\u0435 \u0438\u043d\u0442\u0435\u0440\u0435\u0441\u043d\u044b\u0435 CVE \u0437\u0430 \u044f\u043d\u0432\u0430\u0440\u044c 2024 \u0433\u043e\u0434\u0430\n\n\u0412 \u044d\u0442\u043e\u0439 \u043f\u043e\u0434\u0431\u043e\u0440\u043a\u0435 \u043f\u0440\u0435\u0434\u0441\u0442\u0430\u0432\u043b\u0435\u043d\u044b \u0441\u0430\u043c\u044b\u0435 \u0438\u043d\u0442\u0435\u0440\u0435\u0441\u043d\u044b\u0435 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 \u0437\u0430 \u044f\u043d\u0432\u0430\u0440\u044c 2024 \u0433\u043e\u0434\u0430:\n\nCVE-2024-23897\nCVE-2024-0402 - \u041e\u0446\u0435\u043d\u043a\u0430 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 \u043f\u043e\u00a0\u0448\u043a\u0430\u043b\u0435 CVSS 3.1 \u2014\u00a09.9\u00a0\u0431\u0430\u043b\u043b\u043e\u0432.\nCVE-2024-0204 - \u041e\u0446\u0435\u043d\u043a\u0430 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 \u043f\u043e\u00a0\u0448\u043a\u0430\u043b\u0435 CVSS 3.1 \u2014\u00a09.8\u00a0\u0431\u0430\u043b\u043b\u043e\u0432.\nCVE-2024-0230 - \u041e\u0446\u0435\u043d\u043a\u0430 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 \u043f\u043e\u00a0\u0448\u043a\u0430\u043b\u0435 CVSS 3.1 \u2014\u00a02.4\u00a0\u0431\u0430\u043b\u043b\u0430.\nCVE-2024-20253 - \u041e\u0446\u0435\u043d\u043a\u0430 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 \u043f\u043e\u00a0\u0448\u043a\u0430\u043b\u0435 CVSS 3.1 \u2014\u00a09.9\u00a0\u0431\u0430\u043b\u043b\u0430.\nCVE-2024-20272 - \u041e\u0446\u0435\u043d\u043a\u0430 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 \u043f\u043e\u00a0\u0448\u043a\u0430\u043b\u0435 CVSS 3.1 \u2014\u00a07.3\u00a0\u0431\u0430\u043b\u043b\u0430.\nCVE-2024-21591 - \u041e\u0446\u0435\u043d\u043a\u0430 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 \u043f\u043e\u00a0\u0448\u043a\u0430\u043b\u0435 CVSS 3.1 \u2014\u00a09.8\u00a0\u0431\u0430\u043b\u043b\u043e\u0432.\nCVE-2024-0200 - \u041e\u0446\u0435\u043d\u043a\u0430 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 \u043f\u043e\u00a0\u0448\u043a\u0430\u043b\u0435 CVSS 3.1 \u2014\u00a09.8\u00a0\u0431\u0430\u043b\u043b\u043e\u0432.\nCVE-2024-0507 - \u041e\u0446\u0435\u043d\u043a\u0430 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 \u043f\u043e\u00a0\u0448\u043a\u0430\u043b\u0435 CVSS 3.1 \u2014\u00a08.8\u00a0\u0431\u0430\u043b\u043b\u043e\u0432.\nCVE-2024-21737 - \u041e\u0446\u0435\u043d\u043a\u0430 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 \u043f\u043e\u00a0\u0448\u043a\u0430\u043b\u0435 CVSS 3.1 \u2014\u00a09.1\u00a0\u0431\u0430\u043b\u043b\u0430.\nCVE-2024-21672 - \u041e\u0446\u0435\u043d\u043a\u0430 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 \u043f\u043e\u00a0\u0448\u043a\u0430\u043b\u0435 CVSS 3.1 \u2014\u00a08.8\u00a0\u0431\u0430\u043b\u043b\u043e\u0432.\nCVE-2024-21673 - \u041e\u0446\u0435\u043d\u043a\u0430 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 \u043f\u043e\u00a0\u0448\u043a\u0430\u043b\u0435 CVSS 3.1 \u2014\u00a08.8\u00a0\u0431\u0430\u043b\u043b\u043e\u0432.\nCVE-2024-21674 - \u041e\u0446\u0435\u043d\u043a\u0430 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 \u043f\u043e\u00a0\u0448\u043a\u0430\u043b\u0435 CVSS 3.1 \u2014\u00a07.5\u00a0\u0431\u0430\u043b\u043b\u043e\u0432.\nCVE-2024-22197 - \u041e\u0446\u0435\u043d\u043a\u0430 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 \u043f\u043e\u00a0\u0448\u043a\u0430\u043b\u0435 CVSS 3.1 \u2014\u00a08.8\u00a0\u0431\u0430\u043b\u043b\u043e\u0432.\nCVE-2024-22198 - \u041e\u0446\u0435\u043d\u043a\u0430 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 \u043f\u043e\u00a0\u0448\u043a\u0430\u043b\u0435 CVSS 3.1 \u2014\u00a08.8\u00a0\u0431\u0430\u043b\u043b\u043e\u0432.", "creation_timestamp": "2024-02-12T11:59:05.000000Z"} https://vulnerability.circl.lu/sighting/1db6664a-319f-4e66-847b-e4a21675c45e/export Mon, 12 Feb 2024 11:59:05 +0000 https://vulnerability.circl.lu/sighting/840902c4-5365-458a-805b-6e7e7c9e39ce/export {"uuid": "840902c4-5365-458a-805b-6e7e7c9e39ce", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-20279", "type": "seen", "source": "https://t.me/cvedetector/4335", "content": "{\n \"Source\": \"CVE FEED\",\n \"Title\": \"CVE-2024-20279 - Cisco APIC Restricted Security Domain Policy Manipulation\", \n \"Content\": \"CVE ID : CVE-2024-20279 \nPublished : Aug. 28, 2024, 5:15 p.m. | 34\u00a0minutes ago \nDescription : A vulnerability in the restricted security domain implementation of Cisco Application Policy Infrastructure Controller (APIC) could allow an authenticated, remote attacker to modify the behavior of default system policies, such as quality of service (QoS) policies, on an affected system.\u00a0This vulnerability is due to improper access control when restricted security domains are used to implement multi-tenancy. An attacker with a valid user account associated with a restricted security domain could exploit this vulnerability. A successful exploit could allow the attacker to read, modify, or delete child policies created under default system policies, which are implicitly used by all tenants in the fabric, resulting in disruption of network traffic. Exploitation is not possible for policies under tenants that an attacker has no authorization to access. \nSeverity: 4.3 | MEDIUM \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n \"Detection Date\": \"28 Aug 2024\",\n \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2024-08-28T20:08:53.000000Z"} {"uuid": "840902c4-5365-458a-805b-6e7e7c9e39ce", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-20279", "type": "seen", "source": "https://t.me/cvedetector/4335", "content": "{\n \"Source\": \"CVE FEED\",\n \"Title\": \"CVE-2024-20279 - Cisco APIC Restricted Security Domain Policy Manipulation\", \n \"Content\": \"CVE ID : CVE-2024-20279 \nPublished : Aug. 28, 2024, 5:15 p.m. | 34\u00a0minutes ago \nDescription : A vulnerability in the restricted security domain implementation of Cisco Application Policy Infrastructure Controller (APIC) could allow an authenticated, remote attacker to modify the behavior of default system policies, such as quality of service (QoS) policies, on an affected system.\u00a0This vulnerability is due to improper access control when restricted security domains are used to implement multi-tenancy. An attacker with a valid user account associated with a restricted security domain could exploit this vulnerability. A successful exploit could allow the attacker to read, modify, or delete child policies created under default system policies, which are implicitly used by all tenants in the fabric, resulting in disruption of network traffic. Exploitation is not possible for policies under tenants that an attacker has no authorization to access. \nSeverity: 4.3 | MEDIUM \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n \"Detection Date\": \"28 Aug 2024\",\n \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2024-08-28T20:08:53.000000Z"} https://vulnerability.circl.lu/sighting/840902c4-5365-458a-805b-6e7e7c9e39ce/export Wed, 28 Aug 2024 20:08:53 +0000 https://vulnerability.circl.lu/sighting/b9debb8b-a552-4eb9-8bd3-6a730ebc7aaf/export {"uuid": "b9debb8b-a552-4eb9-8bd3-6a730ebc7aaf", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-20274", "type": "seen", "source": "https://t.me/cvedetector/8736", "content": "{\n \"Source\": \"CVE FEED\",\n \"Title\": \"CVE-2024-20274 - Cisco Secure Firewall Management Center (FMC) Software HTML Injection Vulnerability\", \n \"Content\": \"CVE ID : CVE-2024-20274 \nPublished : Oct. 23, 2024, 5:15 p.m. | 33\u00a0minutes ago \nDescription : A vulnerability in the web-based management interface of Cisco Secure Firewall Management Center (FMC) Software, formerly Firepower Management Center Software, could allow an authenticated, remote attacker to inject arbitrary HTML content into a device-generated document. \n \nThis vulnerability is due to improper validation of user-supplied data. An attacker could exploit this vulnerability by submitting malicious content to an affected device and using the device to generate a document that contains sensitive information. A successful exploit could allow the attacker to alter the standard layout of the device-generated documents, access arbitrary files from the underlying operating system, and conduct server-side request forgery (SSRF) attacks. To successfully exploit this vulnerability, an attacker would need valid credentials for a user account with policy-editing permissions, such as Network Admin, Intrusion Admin, or any custom user role with the same capabilities. \nSeverity: 5.5 | MEDIUM \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n \"Detection Date\": \"23 Oct 2024\",\n \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2024-10-23T19:54:36.000000Z"} {"uuid": "b9debb8b-a552-4eb9-8bd3-6a730ebc7aaf", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-20274", "type": "seen", "source": "https://t.me/cvedetector/8736", "content": "{\n \"Source\": \"CVE FEED\",\n \"Title\": \"CVE-2024-20274 - Cisco Secure Firewall Management Center (FMC) Software HTML Injection Vulnerability\", \n \"Content\": \"CVE ID : CVE-2024-20274 \nPublished : Oct. 23, 2024, 5:15 p.m. | 33\u00a0minutes ago \nDescription : A vulnerability in the web-based management interface of Cisco Secure Firewall Management Center (FMC) Software, formerly Firepower Management Center Software, could allow an authenticated, remote attacker to inject arbitrary HTML content into a device-generated document. \n \nThis vulnerability is due to improper validation of user-supplied data. An attacker could exploit this vulnerability by submitting malicious content to an affected device and using the device to generate a document that contains sensitive information. A successful exploit could allow the attacker to alter the standard layout of the device-generated documents, access arbitrary files from the underlying operating system, and conduct server-side request forgery (SSRF) attacks. To successfully exploit this vulnerability, an attacker would need valid credentials for a user account with policy-editing permissions, such as Network Admin, Intrusion Admin, or any custom user role with the same capabilities. \nSeverity: 5.5 | MEDIUM \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n \"Detection Date\": \"23 Oct 2024\",\n \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2024-10-23T19:54:36.000000Z"} https://vulnerability.circl.lu/sighting/b9debb8b-a552-4eb9-8bd3-6a730ebc7aaf/export Wed, 23 Oct 2024 19:54:36 +0000 https://vulnerability.circl.lu/sighting/aad42058-655d-4466-b65b-3dd2e662a78c/export {"uuid": "aad42058-655d-4466-b65b-3dd2e662a78c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-20275", "type": "seen", "source": "https://t.me/cvedetector/8737", "content": "{\n \"Source\": \"CVE FEED\",\n \"Title\": \"CVE-2024-20275 - \"Cisco Secure Firewall Management Center (FMC) Command Execution Vulnerability\"\", \n \"Content\": \"CVE ID : CVE-2024-20275 \nPublished : Oct. 23, 2024, 5:15 p.m. | 33\u00a0minutes ago \nDescription : A vulnerability in the cluster backup feature of Cisco Secure Firewall Management Center (FMC) Software, formerly Firepower Management Center Software, could allow an authenticated, remote attacker to execute arbitrary commands on the underlying operating system. \n \nThis vulnerability is due to insufficient validation of user data that is supplied through the web-based management interface. An attacker could exploit this vulnerability by sending a crafted HTTP request to an affected device. A successful exploit could allow the attacker to execute arbitrary operating system commands on the affected device. To exploit this vulnerability, an attacker would need valid credentials for a user account with at least the role of Network Administrator. In addition, the attacker would need to persuade a legitimate user to initiate a cluster backup on the affected device. \nSeverity: 6.1 | MEDIUM \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n \"Detection Date\": \"23 Oct 2024\",\n \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2024-10-23T19:54:37.000000Z"} {"uuid": "aad42058-655d-4466-b65b-3dd2e662a78c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-20275", "type": "seen", "source": "https://t.me/cvedetector/8737", "content": "{\n \"Source\": \"CVE FEED\",\n \"Title\": \"CVE-2024-20275 - \"Cisco Secure Firewall Management Center (FMC) Command Execution Vulnerability\"\", \n \"Content\": \"CVE ID : CVE-2024-20275 \nPublished : Oct. 23, 2024, 5:15 p.m. | 33\u00a0minutes ago \nDescription : A vulnerability in the cluster backup feature of Cisco Secure Firewall Management Center (FMC) Software, formerly Firepower Management Center Software, could allow an authenticated, remote attacker to execute arbitrary commands on the underlying operating system. \n \nThis vulnerability is due to insufficient validation of user data that is supplied through the web-based management interface. An attacker could exploit this vulnerability by sending a crafted HTTP request to an affected device. A successful exploit could allow the attacker to execute arbitrary operating system commands on the affected device. To exploit this vulnerability, an attacker would need valid credentials for a user account with at least the role of Network Administrator. In addition, the attacker would need to persuade a legitimate user to initiate a cluster backup on the affected device. \nSeverity: 6.1 | MEDIUM \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n \"Detection Date\": \"23 Oct 2024\",\n \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2024-10-23T19:54:37.000000Z"} https://vulnerability.circl.lu/sighting/aad42058-655d-4466-b65b-3dd2e662a78c/export Wed, 23 Oct 2024 19:54:37 +0000