{"vulnerability": "CVE-2021-3632", "sightings": [{"uuid": "a98b5880-7260-4593-9090-cba62c8d01b5", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-3632", "type": "seen", "source": "https://t.me/arpsyndicate/3165", "content": "#ExploitObserverAlert\n\nCVE-2021-3632\n\nDESCRIPTION: Exploit Observer has 6 entries in 4 file formats related to CVE-2021-3632. A flaw was found in Keycloak. This vulnerability allows anyone to register a new security device or key when there is not a device already registered for any user by using the WebAuthn password-less login flow.\n\nFIRST-EPSS: 0.001630000\nNVD-IS: 5.9\nNVD-ES: 1.6", "creation_timestamp": "2024-01-28T02:30:29.000000Z"}, {"uuid": "389adbe1-3ac5-4fc6-b120-a6c195318992", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-36328", "type": "seen", "source": "https://t.me/cibsecurity/33153", "content": "\u203c CVE-2021-36328 \u203c\n\nDell EMC Streaming Data Platform versions before 1.3 contain a SQL Injection Vulnerability. A remote malicious user may potentially exploit this vulnerability to execute SQL commands to perform unauthorized actions and retrieve sensitive information from the database.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2021-12-01T00:34:42.000000Z"}, {"uuid": "c2cea5f2-7869-4ed6-891c-ebd03e1e1568", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-36327", "type": "seen", "source": "https://t.me/cibsecurity/33152", "content": "\u203c CVE-2021-36327 \u203c\n\nDell EMC Streaming Data Platform versions before 1.3 contain a Server Side Request Forgery Vulnerability. A remote unauthenticated attacker may potentially exploit this vulnerability to perform port scanning of internal networks and make HTTP requests to an arbitrary domain of the attacker's choice.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2021-12-01T00:34:41.000000Z"}, {"uuid": "bfa7100d-9098-4f12-8036-401f795c2be2", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-36326", "type": "seen", "source": "https://t.me/cibsecurity/33151", "content": "\u203c CVE-2021-36326 \u203c\n\nDell EMC Streaming Data Platform, versions prior to 1.3 contain an SSL Strip Vulnerability in the User Interface (UI). A remote unauthenticated attacker could potentially exploit this vulnerability, leading to a downgrade in the communications between the client and server into an unencrypted format.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2021-12-01T00:34:40.000000Z"}, {"uuid": "5de8f386-8fd5-4e12-88d1-cbcdbfc99ada", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-36329", "type": "seen", "source": "https://t.me/cibsecurity/33150", "content": "\u203c CVE-2021-36329 \u203c\n\nDell EMC Streaming Data Platform versions before 1.3 contain an Indirect Object Reference Vulnerability. A remote malicious user may potentially exploit this vulnerability to gain sensitive information.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2021-12-01T00:34:38.000000Z"}, {"uuid": "2c5b7572-b21f-4317-8e13-fce5336e06bd", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-36320", "type": "seen", "source": "https://t.me/cibsecurity/32759", "content": "\u203c CVE-2021-36320 \u203c\n\nDell Networking X-Series firmware versions prior to 3.0.1.8 contain an authentication bypass vulnerability. A remote unauthenticated attacker may potentially hijack a session and access the webserver by forging the session ID.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2021-11-20T07:17:27.000000Z"}, {"uuid": "b1aba017-9fe0-458e-ab34-aceb997e369d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-36322", "type": "seen", "source": "https://t.me/cibsecurity/32758", "content": "\u203c CVE-2021-36322 \u203c\n\nDell Networking X-Series firmware versions prior to 3.0.1.8 contain a host header injection vulnerability. A remote unauthenticated attacker may potentially exploit this vulnerability by injecting arbitrary host header values to poison the web-cache or trigger redirections.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2021-11-20T07:17:26.000000Z"}, {"uuid": "00b5741f-ff23-4ab4-b8ae-1ee8d521fe64", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-36321", "type": "seen", "source": "https://t.me/cibsecurity/32754", "content": "\u203c CVE-2021-36321 \u203c\n\nDell Networking X-Series firmware versions prior to 3.0.1.8 contain an improper input validation vulnerability. A remote unauthenticated attacker may potentially exploit this vulnerability by sending specially crafted data to trigger a denial of service.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2021-11-20T07:17:22.000000Z"}, {"uuid": "9c462d79-9633-4142-8693-e3b9f7ba93f3", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-36324", "type": "seen", "source": "https://t.me/cibsecurity/32363", "content": "\u203c CVE-2021-36324 \u203c\n\nDell BIOS contains an improper input validation vulnerability. A local authenticated malicious user may potentially exploit this vulnerability by using an SMI to gain arbitrary code execution in SMRAM.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2021-11-13T02:39:26.000000Z"}, {"uuid": "e9929c5c-e58b-4eaf-8020-09c6950b36a8", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-36325", "type": "seen", "source": "https://t.me/cibsecurity/32361", "content": "\u203c CVE-2021-36325 \u203c\n\nDell BIOS contains an improper input validation vulnerability. A local authenticated malicious user may potentially exploit this vulnerability by using an SMI to gain arbitrary code execution in SMRAM.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2021-11-13T02:39:24.000000Z"}, {"uuid": "18333888-8a30-4d4d-8f34-16bf7318ad54", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-36323", "type": "seen", "source": "https://t.me/cibsecurity/32359", "content": "\u203c CVE-2021-36323 \u203c\n\nDell BIOS contains an improper input validation vulnerability. A local authenticated malicious user may potentially exploit this vulnerability by using an SMI to gain arbitrary code execution in SMRAM.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2021-11-13T02:39:21.000000Z"}]}