{"vulnerability": "CVE-2021-2203", "sightings": [{"uuid": "336330e4-48c9-4878-8832-3b58dbf0a835", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-22030", "type": "seen", "source": "https://t.me/cibsecurity/32717", "content": "\u203c CVE-2021-22030 \u203c\n\nIn versions of Greenplum database prior to 5.28.14 and 6.17.0, certain statements execution led to the storage of sensitive(credential) information in the logs of the database. A malicious user with access to logs can read sensitive(credentials) information about users\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2021-11-19T20:17:07.000000Z"}, {"uuid": "cba03525-591d-4f25-8c80-39d6982ccf22", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-22038", "type": "seen", "source": "https://t.me/cibsecurity/31455", "content": "\u203c CVE-2021-22038 \u203c\n\nOn Windows, the uninstaller binary copies itself to a fixed temporary location, which is then executed (the originally called uninstaller exits, so it does not block the installation directory). This temporary location is not randomized and does not restrict access to Administrators only so a potential attacker could plant a binary to replace the copied binary right before it gets called, thus gaining Administrator privileges (if the original uninstaller was executed as Administrator). The vulnerability only affects Windows installers.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2021-10-29T16:18:13.000000Z"}, {"uuid": "7ebc7455-e05e-4660-ac12-c9ffe9e80f34", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-22037", "type": "seen", "source": "https://t.me/cibsecurity/31454", "content": "\u203c CVE-2021-22037 \u203c\n\nUnder certain circumstances, when manipulating the Windows registry, InstallBuilder uses the reg.exe system command. The full path to the command is not enforced, which results in a search in the search path until a binary can be identified. This makes the installer/uninstaller vulnerable to Path Interception by Search Order Hijacking, potentially allowing an attacker to plant a malicious reg.exe command so it takes precedence over the system command. The vulnerability only affects Windows installers.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2021-10-29T16:18:11.000000Z"}, {"uuid": "d1f14b1c-2fb1-4c91-8e51-2ff96c0dc9b4", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-22033", "type": "seen", "source": "https://t.me/cibsecurity/30515", "content": "\u203c CVE-2021-22033 \u203c\n\nReleases prior to VMware vRealize Operations 8.6 contain a Server Side Request Forgery (SSRF) vulnerability.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2021-10-13T20:26:43.000000Z"}, {"uuid": "cc2b2c3e-7df5-4311-8cff-79a95b340902", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-22034", "type": "seen", "source": "https://t.me/cibsecurity/30991", "content": "\u203c CVE-2021-22034 \u203c\n\nReleases prior to VMware vRealize Operations Tenant App 8.6 contain an Information Disclosure Vulnerability.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2021-10-22T00:37:25.000000Z"}, {"uuid": "7599cea0-2715-4b3d-bca7-a2efdcd38d2b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-22035", "type": "seen", "source": "https://t.me/cibsecurity/30514", "content": "\u203c CVE-2021-22035 \u203c\n\nVMware vRealize Log Insight (8.x prior to 8.6) contains a CSV(Comma Separated Value) injection vulnerability in interactive analytics export function. An authenticated malicious actor with non-administrative privileges may be able to embed untrusted data prior to exporting a CSV sheet through Log Insight which could be executed in user's environment.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2021-10-13T20:26:42.000000Z"}, {"uuid": "f1f582dc-297f-4d8e-b6ee-1e3559a158f3", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-22036", "type": "seen", "source": "https://t.me/cibsecurity/30513", "content": "\u203c CVE-2021-22036 \u203c\n\nVMware vRealize Orchestrator ((8.x prior to 8.6) contains an open redirect vulnerability due to improper path handling. A malicious actor may be able to redirect victim to an attacker controlled domain due to improper path handling in vRealize Orchestrator leading to sensitive information disclosure.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2021-10-13T20:26:41.000000Z"}]}