{"vulnerability": "CVE-2022-2580", "sightings": [{"uuid": "82ff4cd6-8281-44f9-a82a-d7ee13714caf", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-25804", "type": "seen", "source": "https://t.me/cibsecurity/44067", "content": "\u203c CVE-2022-25804 \u203c\n\nAn issue was discovered in the IGEL Universal Management Suite (UMS) 6.07.100. Insecure permissions for the serverconfig registry key (under JavaSoft\\Prefs\\de\\igel\\rm\\config in HKEY_LOCAL_MACHINE\\SOFTWARE) allow an unprivileged local attacker to read the encrypted dbuser and dbpassword values for the UMS superuser.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-06-09T07:32:53.000000Z"}, {"uuid": "3d48c7c9-2c3b-4d15-be12-ce904b4e9a4c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-25805", "type": "seen", "source": "https://t.me/cibsecurity/44076", "content": "\u203c CVE-2022-25805 \u203c\n\nAn issue was discovered in the IGEL Universal Management Suite (UMS) 6.07.100. The transmission of cleartext LDAP bind credentials by the cmd_mgt_load_mgt_tree command allows an attacker (who can intercept or inspect traffic between an authenticated UMS client and server) to compromise those LDAP bind credentials.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-06-09T07:33:04.000000Z"}, {"uuid": "7771c94b-47d3-4bb8-8e99-96d677f87e21", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-25800", "type": "seen", "source": "https://t.me/cibsecurity/46234", "content": "\u203c CVE-2022-25800 \u203c\n\nBest Practical RT for Incident Response (RTIR) before 4.0.3 and 5.x before 5.0.3 allows SSRF via the whois lookup tool.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-07-14T16:27:38.000000Z"}, {"uuid": "9bd52cb1-800f-4de5-b154-a9136c8b7c77", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-25803", "type": "seen", "source": "https://t.me/cibsecurity/46232", "content": "\u203c CVE-2022-25803 \u203c\n\nBest Practical Request Tracker (RT) before 5.0.3 has an Open Redirect via a ticket search.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-07-14T16:27:36.000000Z"}, {"uuid": "53a81b9c-4069-46bd-950e-57c33b2ce86e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-25801", "type": "seen", "source": "https://t.me/cibsecurity/46237", "content": "\u203c CVE-2022-25801 \u203c\n\nBest Practical RT for Incident Response (RTIR) before 4.0.3 and 5.x before 5.0.3 allows SSRF via Scripted Action tools.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-07-14T16:27:44.000000Z"}, {"uuid": "21cb5802-0c2f-494a-a4eb-c83996bb4b09", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-25802", "type": "seen", "source": "https://t.me/cibsecurity/46235", "content": "\u203c CVE-2022-25802 \u203c\n\nBest Practical Request Tracker (RT) before 4.4.6 and 5.x before 5.0.3 allows XSS via a crafted content type for an attachment.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-07-14T16:27:42.000000Z"}, {"uuid": "8a1e0d2e-ec77-40b2-b6ea-44e102f67b74", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-25806", "type": "seen", "source": "https://t.me/cibsecurity/44077", "content": "\u203c CVE-2022-25806 \u203c\n\nAn issue was discovered in the IGEL Universal Management Suite (UMS) 6.07.100. A hardcoded DES key in the PrefDBCredentials class allows an attacker, who has discovered encrypted superuser credentials, to decrypt those credentials using a static 8-byte DES key.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-06-09T07:33:08.000000Z"}, {"uuid": "0c10daee-d504-41a6-93b8-094e3c473ef0", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-25807", "type": "seen", "source": "https://t.me/cibsecurity/44071", "content": "\u203c CVE-2022-25807 \u203c\n\nAn issue was discovered in the IGEL Universal Management Suite (UMS) 6.07.100. A hardcoded DES key in the LDAPDesPWEncrypter class allows an attacker, who has discovered encrypted LDAP bind credentials, to decrypt those credentials using a static 8-byte DES key.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-06-09T07:32:57.000000Z"}]}