{"vulnerability": "CVE-2021-2202", "sightings": [{"uuid": "b83a2eaf-9476-4953-9e38-9c8290f304bf", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-22029", "type": "seen", "source": "https://t.me/cibsecurity/28140", "content": "\u203c CVE-2021-22029 \u203c\n\nVMware Workspace ONE UEM REST API contains a denial of service vulnerability. A malicious actor with access to /API/system/admins/session could cause an API denial of service due to improper rate limiting.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2021-09-01T00:33:45.000000Z"}, {"uuid": "5154d111-5233-4246-b5b5-bbcb9b581ad2", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-2202", "type": "seen", "source": "https://t.me/reconshell/686", "content": "CVE-2021-2202\n\nVulnerability in the MySQL Server product of Oracle MySQL  Easily exploitable vulnerability allows low privileged attacker with network access via multiple protocols to compromise MySQL Server.\n\nhttps://cve.reconshell.com/cve/CVE-2021-2202", "creation_timestamp": "2021-04-24T08:09:15.000000Z"}, {"uuid": "9b5a7fbc-37b4-4a8a-b496-1b12d12119c4", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-22022", "type": "seen", "source": "https://t.me/cKure/6765", "content": "\u25a0\u25a0\u25a1\u25a1\u25a1 VMware fixed two vulnerabilities in vRealize Operations Manager.\n\n1\u20e3 CVE-2021-22022 - Arbitrary File Read\n2\u20e3 CVE-2021-22023 - Insecure Direct Object Reference\n\nCredits: https://twitter.com/elk0kc (Egor Dimitrenko)\n\nDetails: https://www.vmware.com/security/advisories/VMSA-2021-0018.html", "creation_timestamp": "2021-08-25T13:29:31.000000Z"}, {"uuid": "8f918bad-d314-4cb1-8513-493c6f3f7d79", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-22023", "type": "seen", "source": "https://t.me/cKure/6765", "content": "\u25a0\u25a0\u25a1\u25a1\u25a1 VMware fixed two vulnerabilities in vRealize Operations Manager.\n\n1\u20e3 CVE-2021-22022 - Arbitrary File Read\n2\u20e3 CVE-2021-22023 - Insecure Direct Object Reference\n\nCredits: https://twitter.com/elk0kc (Egor Dimitrenko)\n\nDetails: https://www.vmware.com/security/advisories/VMSA-2021-0018.html", "creation_timestamp": "2021-08-25T13:29:31.000000Z"}, {"uuid": "ee174a2a-f7b9-4959-bb4a-bc28f555927c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-22028", "type": "seen", "source": "https://t.me/cibsecurity/32723", "content": "\u203c CVE-2021-22028 \u203c\n\nIn versions of Greenplum database prior to 5.28.6 and 6.14.0, greenplum database contains a file path traversal vulnerability leading to information disclosure from the file system. A malicious user can read/write information from the file system using this vulnerability.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2021-11-19T20:17:14.000000Z"}, {"uuid": "6bc2b1da-d990-4a80-9403-628507d5bc8c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-22027", "type": "seen", "source": "https://t.me/cibsecurity/28036", "content": "\u203c CVE-2021-22027 \u203c\n\nThe vRealize Operations Manager API (8.x prior to 8.5) contains a Server Side Request Forgery in an end point. An unauthenticated malicious actor with network access to the vRealize Operations Manager API can perform a Server Side Request Forgery attack leading to information disclosure.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2021-08-30T22:32:54.000000Z"}, {"uuid": "6f2ed210-ece9-417c-a193-4b5ab022b847", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-22022", "type": "seen", "source": "https://t.me/cibsecurity/28035", "content": "\u203c CVE-2021-22022 \u203c\n\nThe vRealize Operations Manager API (8.x prior to 8.5) contains an arbitrary file read vulnerability. A malicious actor with administrative access to vRealize Operations Manager API can read any arbitrary file on server leading to information disclosure.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2021-08-30T22:32:53.000000Z"}, {"uuid": "c2bbb9f6-b9bc-4e6a-be16-8df0cb180f85", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-22020", "type": "seen", "source": "https://t.me/cibsecurity/29291", "content": "\u203c CVE-2021-22020 \u203c\n\nThe vCenter Server contains a denial-of-service vulnerability in the Analytics service. Successful exploitation of this issue may allow an attacker to create a denial-of-service condition on vCenter Server.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2021-09-23T16:29:56.000000Z"}, {"uuid": "29952bd8-2de0-4612-bbc0-78784e4de479", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-22024", "type": "seen", "source": "https://t.me/cibsecurity/28020", "content": "\u203c CVE-2021-22024 \u203c\n\nThe vRealize Operations Manager API (8.x prior to 8.5) contains an arbitrary log-file read vulnerability. An unauthenticated malicious actor with network access to the vRealize Operations Manager API can read any log file resulting in sensitive information disclosure.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2021-08-30T22:32:32.000000Z"}]}