{"vulnerability": "CVE-2022-2369", "sightings": [{"uuid": "2fbd6e38-0770-4b85-a7b1-4a0656ecae76", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-23699", "type": "seen", "source": "https://t.me/cKure/9325", "content": "\u25a0\u25a0\u25a0\u25a0\u25a1 HPE fixed two vulnerabilities in OneView found by 'PT Swarm' researcher Nikita Abramov.\n\n1\ufe0f\u20e3 CVE-2022-23699 - Authentication Restriction Bypass\n2\ufe0f\u20e3 CVE-2022-23700 - Unauthorized Read Access to Files\n\nhttps://support.hpe.com/hpesc/public/docDisplay?docLocale=en_US&docId=hpesbgn04252en_us", "creation_timestamp": "2022-04-11T13:12:18.000000Z"}, {"uuid": "a696921d-f729-4bcd-b67e-0541cead9941", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-23699", "type": "seen", "source": "https://t.me/ptswarm/120", "content": "HPE fixed two vulnerabilities in OneView found by our researcher Nikita Abramov.\n\n1\ufe0f\u20e3 CVE-2022-23699 - Authentication Restriction Bypass\n2\ufe0f\u20e3 CVE-2022-23700 - Unauthorized Read Access to Files\n\nFind out more \u27a1\ufe0f https://support.hpe.com/hpesc/public/docDisplay?docLocale=en_US&docId=hpesbgn04252en_us", "creation_timestamp": "2022-04-11T13:42:01.000000Z"}, {"uuid": "fb084a13-be19-4cd1-ab0d-be2ab20c3808", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-23691", "type": "seen", "source": "https://t.me/cibsecurity/49328", "content": "\u203c CVE-2022-23691 \u203c\n\nA vulnerability exists in certain AOS-CX switch models which could allow an attacker with access to the recovery console to bypass normal authentication. A successful exploit allows an attacker to bypass system authentication and achieve total switch compromise in ArubaOS-CX Switches version(s): AOS-CX 10.10.xxxx: 10.10.0002 and below, AOS-CX 10.09.xxxx: 10.09.1030 and below, AOS-CX 10.08.xxxx: 10.08.1070 and below, AOS-CX 10.06.xxxx: 10.06.0210 and below. Aruba has released upgrades for ArubaOS-CX Switch Devices that address this security vulnerability.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-09-06T22:13:15.000000Z"}, {"uuid": "5c688054-ed5d-450d-ae30-bfe973b6b9ab", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-23697", "type": "seen", "source": "https://t.me/cibsecurity/40141", "content": "\u203c CVE-2022-23697 \u203c\n\nA remote cross-site scripting (xss) vulnerability was discovered in HPE OneView version(s): Prior to 6.6. HPE has provided a software update to resolve this vulnerability in HPE OneView.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-04-05T00:28:25.000000Z"}, {"uuid": "8029b27c-a8f4-47ff-8b4d-bf9238bce711", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-23699", "type": "seen", "source": "https://t.me/cibsecurity/40138", "content": "\u203c CVE-2022-23699 \u203c\n\nA local authentication restriction bypass vulnerability was discovered in HPE OneView version(s): Prior to 6.6. HPE has provided a software update to resolve this vulnerability in HPE OneView.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-04-05T00:28:22.000000Z"}]}