{"vulnerability": "CVE-2022-2249", "sightings": [{"uuid": "c6849702-7fe3-4435-ac99-3bffbe697145", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-22491", "type": "seen", "source": "https://infosec.exchange/users/cve/statuses/113798805158983707", "content": "", "creation_timestamp": "2025-01-09T14:12:44.003521Z"}, {"uuid": "bd0bff48-35db-4f85-8257-0b500f726b28", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-22491", "type": "seen", "source": "https://bsky.app/profile/cve-notifications.bsky.social/post/3lfcuin3cpi22", "content": "", "creation_timestamp": "2025-01-09T14:15:46.094358Z"}, {"uuid": "4e7e0210-832f-4e00-bf31-6b97f11567ef", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-22491", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3lfcwm23tkk2e", "content": "", "creation_timestamp": "2025-01-09T14:53:28.182933Z"}, {"uuid": "d385ba56-7173-43e8-a174-fec3dcf312b9", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-22491", "type": "seen", "source": "https://t.me/cvedetector/14848", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2022-22491 - IBM App Connect Enterprise Filesystems write vulnerability\", \n  \"Content\": \"CVE ID : CVE-2022-22491 \nPublished : Jan. 9, 2025, 2:15 p.m. | 37\u00a0minutes ago \nDescription : IBM App Connect Enterprise Certified Container\u00a07.1, 7.2, 8.0, 8.1, 8.2, 9.0, 9.1, 9.2, 10.0, 10.1, 11.0, 11.1, 11.2, 11.3, 11.4, 11.5, 11.6, 12.0, 12.1, 12.2, 12.3, and 12.4 operands running in Red Hat OpenShift do not restrict writing to the local filesystem, which may result in exhausting the available storage in a Pod, resulting in that Pod being restarted. \nSeverity: 5.5 | MEDIUM \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"09 Jan 2025\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2025-01-09T16:05:31.000000Z"}, {"uuid": "8b62e052-ede7-4a49-bb42-02648eadd8b9", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-22491", "type": "seen", "source": "https://t.me/DarkWebInformer_CVEAlerts/953", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2022-22491\n\ud83d\udd39 Description: IBM App Connect Enterprise Certified Container\u00a07.1, 7.2, 8.0, 8.1, 8.2, 9.0, 9.1, 9.2, 10.0, 10.1, 11.0, 11.1, 11.2, 11.3, 11.4, 11.5, 11.6, 12.0, 12.1, 12.2, 12.3, and 12.4 operands running in Red Hat OpenShift do not restrict writing to the local filesystem, which may result in exhausting the available storage in a Pod, resulting in that Pod being restarted.\n\ud83d\udccf Published: 2025-01-09T14:11:28.233Z\n\ud83d\udccf Modified: 2025-01-09T14:11:28.233Z\n\ud83d\udd17 References:\n1. https://www.ibm.com/support/pages/node/7180500", "creation_timestamp": "2025-01-09T14:15:28.000000Z"}, {"uuid": "23350726-4077-45fd-a367-d07eb682d86b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-2249", "type": "seen", "source": "https://t.me/cibsecurity/51279", "content": "\u203c CVE-2022-2249 \u203c\n\nPrivilege escalation related vulnerabilities were discovered in Avaya Aura Communication Manager that may allow local administrative users to escalate their privileges. This issue affects Communication Manager versions 8.0.0.0 through 8.1.3.3 and 10.1.0.0.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-10-12T22:26:57.000000Z"}, {"uuid": "ce977a77-81c0-41f9-baed-4424ca81db9e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-22490", "type": "seen", "source": "https://t.me/cibsecurity/47880", "content": "\u203c CVE-2022-22490 \u203c\n\nIBM Robotic Process Automation 21.0.0, 21.0.1, and 21.0.2 could allow a privileged user to obtain sensitive Azure bot credential information. IBM X-Force ID: 226342.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-08-10T20:26:24.000000Z"}, {"uuid": "e6264925-ede9-4246-8a59-725d1271345f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-22493", "type": "seen", "source": "https://t.me/cibsecurity/50994", "content": "\u203c CVE-2022-22493 \u203c\n\nIBM WebSphere Automation for Cloud Pak for Watson AIOps 1.4.2 is vulnerable to cross-site request forgery, caused by improper cookie attribute setting. IBM X-Force ID: 226449.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-10-07T20:17:24.000000Z"}, {"uuid": "a3a53b07-685c-45be-8306-8a045c6f52be", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-22496", "type": "seen", "source": "https://t.me/cibsecurity/45425", "content": "\u203c CVE-2022-22496 \u203c\n\nWhile a user account for the IBM Spectrum Protect Server 8.1.0.000 through 8.1.14 is being established, it may be configured to use SESSIONSECURITY=TRANSITIONAL. While in this mode, it may be susceptible to an offline dictionary attack. IBM X-Force ID: 226942.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-06-30T20:38:53.000000Z"}, {"uuid": "d7f0a16a-036a-4321-ad99-236ad774ee76", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-22497", "type": "seen", "source": "https://t.me/cibsecurity/43308", "content": "\u203c CVE-2022-22497 \u203c\n\nIBM Aspera Faspex 4.4.1 and 5.0.0 could allow unauthorized access due to an incorrectly computed security token. IBM X-Force ID: 226951.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-05-25T02:42:26.000000Z"}, {"uuid": "2e0be09f-f98f-4b53-b8b6-f5fd3fa05790", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-22495", "type": "seen", "source": "https://t.me/cibsecurity/43280", "content": "\u203c CVE-2022-22495 \u203c\n\nIBM i 7.3, 7.4, and 7.5 is vulnerable to SQL injection. A remote attacker could send specially crafted SQL statements, which could allow the attacker to view, add, modify or delete information in the back-end database. IBM X-Force ID: 226941.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-05-24T20:37:02.000000Z"}, {"uuid": "b340cc77-f58b-4100-8f13-5ef75b547a5a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-22494", "type": "seen", "source": "https://t.me/cibsecurity/45423", "content": "\u203c CVE-2022-22494 \u203c\n\nIBM Spectrum Protect Operations Center 8.1.0.000 through 8.1.14 could allow a remote attacker to gain details of the database, such as type and version, by sending a specially-crafted HTTP request. This information could then be used in future attacks. IBM X-Force ID: 226940.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-06-30T20:38:51.000000Z"}]}