{"vulnerability": "CVE-2022-2863", "sightings": [{"uuid": "f6f23390-78e6-4996-ab1f-8cd63a5fec6a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-28633", "type": "seen", "source": "https://t.me/cibsecurity/48069", "content": "\u203c CVE-2022-28633 \u203c\n\nA local disclosure of sensitive information and a local unauthorized data modification vulnerability were discovered in HPE Integrated Lights-Out 5 (iLO 5) firmware version(s): Prior to 2.71. An unprivileged user could locally exploit this vulnerability to read and write to the iLO 5 firmware file system resulting in a complete loss of confidentiality and a partial loss of integrity and availability. HPE has provided a firmware update to resolve this vulnerability in HPE Integrated Lights-Out 5 (iLO 5).\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-08-12T18:43:40.000000Z"}, {"uuid": "23787c59-6097-4140-a9c2-541c1e232cd1", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-28637", "type": "seen", "source": "https://t.me/cibsecurity/50165", "content": "\u203c CVE-2022-28637 \u203c\n\nA local Denial of Service (DoS) and local arbitrary code execution vulnerability that could potentially lead to a loss of confidentiality, integrity, and availability were discovered in HPE Integrated Lights-Out 5 (iLO 5) in Version: 2.71. Hewlett Packard Enterprise has provided updated firmware for HPE Integrated Lights-Out 5 (iLO 5) that addresses these security vulnerabilities.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-09-21T00:45:34.000000Z"}, {"uuid": "bd355d73-115e-44fe-9c2b-f64dad863e03", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-2863", "type": "seen", "source": "https://t.me/cibsecurity/49866", "content": "\u203c CVE-2022-2863 \u203c\n\nThe Migration, Backup, Staging WordPress plugin before 0.9.76 does not sanitise and validate a parameter before using it to read the content of a file, allowing high privilege users to read any file from the web server via a Traversal attack\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-09-16T12:38:57.000000Z"}]}