{"vulnerability": "CVE-2020-1079", "sightings": [{"uuid": "152cfdfe-3cf7-4b4b-9397-ff4bbcc4ab41", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2020-10791", "type": "seen", "source": "https://t.me/cibsecurity/10803", "content": "ATENTION\u203c New - CVE-2020-10791 (openitcockpit)\n\napp/Plugin/GrafanaModule/Controller/GrafanaConfigurationController.php in openITCOCKPIT before 3.7.3 allows remote authenticated users to trigger outbound TCP requests (aka SSRF) via the Test Connection feature (aka testGrafanaConnection) of the Grafana Module.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2020-03-30T09:47:27.000000Z"}, {"uuid": "f20130a4-6521-49e4-aa99-a07535f71266", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2020-10790", "type": "seen", "source": "https://t.me/cibsecurity/10804", "content": "ATENTION\u203c New - CVE-2020-10790 (openitcockpit)\n\nopenITCOCKPIT before 3.7.3 has unnecessary files (such as Lodash files) under the web root, which leads to XSS.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2020-03-30T09:47:28.000000Z"}, {"uuid": "30001ff3-0838-43bb-b54e-be7f552e35e8", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2020-1079", "type": "seen", "source": "https://t.me/VulnerabilityNews/14732", "content": "An elevation of privilege vulnerability exists in Windows Block Level Backup Engine Service (wbengine) that allows file deletion in arbitrary locations.To exploit the vulnerability, an attacker would first have to log on to the system, aka 'Microsoft Windows Elevation of Privilege Vulnerability'. This CVE ID is unique from CVE-2020-1068, CVE-2020-1079.\nPublished at: May 22, 2020 at 01:15AM\nView on website", "creation_timestamp": "2020-05-22T02:46:10.000000Z"}, {"uuid": "eb630318-51e1-46ec-95b6-e6631f9d0d58", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2020-1079", "type": "seen", "source": "https://t.me/cibsecurity/12234", "content": "ATENTION\u203c New - CVE-2020-1010\n\nAn elevation of privilege vulnerability exists in Windows Block Level Backup Engine Service (wbengine) that allows file deletion in arbitrary locations.To exploit the vulnerability, an attacker would first have to log on to the system, aka 'Microsoft Windows Elevation of Privilege Vulnerability'. This CVE ID is unique from CVE-2020-1068, CVE-2020-1079.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2020-05-22T02:55:23.000000Z"}]}