{"vulnerability": "CVE-2021-2019", "sightings": [{"uuid": "f60d3893-da4d-4df7-8c88-07e9e26db1a1", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-20195", "type": "seen", "source": "https://t.me/arpsyndicate/3208", "content": "#ExploitObserverAlert\n\nCVE-2021-20195\n\nDESCRIPTION: Exploit Observer has 3 entries in 3 file formats related to CVE-2021-20195. A flaw was found in keycloak in versions before 13.0.0. A Self Stored XSS attack vector escalating to a complete account takeover is possible due to user-supplied data fields not being properly encoded and Javascript code being used to process the data. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability.\n\nFIRST-EPSS: 0.001680000\nNVD-IS: 6.0\nNVD-ES: 2.8", "creation_timestamp": "2024-01-28T04:45:54.000000Z"}, {"uuid": "4d57e951-fd05-4895-9e5d-5bc4bddfe561", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-20199", "type": "seen", "source": "https://t.me/cibsecurity/22973", "content": "\u203c CVE-2021-20199 \u203c\n\nRootless containers run with Podman, receive all traffic with a source IP address of 127.0.0.1 (including from remote hosts). This impacts containerized applications that trust localhost (127.0.01) connections by default and do not require authentication. This issue affects Podman 1.8.0 onwards.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2021-02-02T22:40:03.000000Z"}, {"uuid": "624c0ac3-8073-4e5c-919a-e862335300e0", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-20191", "type": "seen", "source": "https://t.me/arpsyndicate/41", "content": "#ExploitObserverAlert\n\nCVE-2021-20191\n\nDESCRIPTION: Exploit Observer has 5 entries related to CVE-2021-20191. A flaw was found in ansible. Credentials, such as secrets, are being disclosed in console log by default and not protected by no_log feature when using those modules. An attacker can take advantage of this information to steal those credentials. The highest threat from this vulnerability is to data confidentiality. Versions before ansible 2.9.18 are affected.\n\nNVD-IS: 3.6\nNVD-ES: 1.8", "creation_timestamp": "2023-11-10T14:07:10.000000Z"}, {"uuid": "8fec6d7a-b2b6-4c19-9d49-7fe97fe437b5", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-20191", "type": "seen", "source": "https://t.me/arpsyndicate/47", "content": "#ExploitObserverAlert\n\nCVE-2021-20191\n\nDESCRIPTION: Exploit Observer has 5 entries related to CVE-2021-20191. A flaw was found in ansible. Credentials, such as secrets, are being disclosed in console log by default and not protected by no_log feature when using those modules. An attacker can take advantage of this information to steal those credentials. The highest threat from this vulnerability is to data confidentiality. Versions before ansible 2.9.18 are affected.\n\nFIRST-EPSS: 0.000450000\nNVD-IS: 3.6\nNVD-ES: 1.8", "creation_timestamp": "2023-11-10T20:13:30.000000Z"}, {"uuid": "06a57bf4-93d8-4c36-8871-329a5564b3f9", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-20198", "type": "seen", "source": "https://t.me/cibsecurity/23998", "content": "\u203c CVE-2021-20198 \u203c\n\nA flaw was found in the OpenShift Installer before version v0.9.0-master.0.20210125200451-95101da940b0. During installation of OpenShift Container Platform 4 clusters, bootstrap nodes are provisioned with anonymous authentication enabled on kubelet port 10250. A remote attacker able to reach this port during installation can make unauthenticated `/exec` requests to execute arbitrary commands within running containers. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2021-02-23T20:35:14.000000Z"}, {"uuid": "44414e6f-ce7d-4855-a643-b8d96abb7c84", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-2019", "type": "seen", "source": "https://t.me/cibsecurity/22393", "content": "\u203c CVE-2021-2019 \u203c\n\nVulnerability in the MySQL Server product of Oracle MySQL (component: Server: Security: Privileges). Supported versions that are affected are 8.0.19 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized read access to a subset of MySQL Server accessible data. CVSS 3.1 Base Score 2.7 (Confidentiality impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:L/I:N/A:N).\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2021-01-20T18:37:47.000000Z"}, {"uuid": "35c3f196-4be3-4aa4-aa60-93247d6eaee4", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-20190", "type": "seen", "source": "https://t.me/cibsecurity/22290", "content": "\u203c CVE-2021-20190 \u203c\n\nA flaw was found in jackson-databind before 2.9.10.7. FasterXML mishandles the interaction between serialization gadgets and typing. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2021-01-19T20:56:08.000000Z"}]}