{"vulnerability": "CVE-2022-3431", "sightings": [{"uuid": "eb444d7b-4ccc-4b26-8296-76b940211976", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-3431", "type": "seen", "source": "https://t.me/cibsecurity/71859", "content": "\u203c CVE-2022-3431 \u203c\n\nA potential vulnerability in a driver used during manufacturing process on some consumer Lenovo Notebook devices that was mistakenly not deactivated may allow an attacker with elevated privileges to modify secure boot setting by modifying an NVRAM variable.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-10-09T22:16:12.000000Z"}, {"uuid": "76f345ba-84a2-4e58-94dd-a1b54560ad4c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-34316", "type": "seen", "source": "https://t.me/DarkWebInformer_CVEAlerts/14055", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2022-34316\n\ud83d\udd25 CVSS Score: 3.7 (cvssV3_1, Vector: CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N)\n\ud83d\udd39 Description: \nIBM CICS TX 11.1 does not neutralize or incorrectly neutralizes web scripting syntax in HTTP headers that can be used by web browser components that can process raw headers. IBM X-Force ID: 229452.\n\n\n\ud83d\udccf Published: 2022-11-14T18:47:00.784Z\n\ud83d\udccf Modified: 2025-04-30T15:05:23.387Z\n\ud83d\udd17 References:\n1. https://www.ibm.com/support/pages/node/6833176\n2. https://www.ibm.com/support/pages/node/6833178\n3. https://exchange.xforce.ibmcloud.com/vulnerabilities/229452", "creation_timestamp": "2025-04-30T15:13:39.000000Z"}, {"uuid": "3e0e4b1e-3867-4a04-bfb2-cf433d5aef77", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-34314", "type": "seen", "source": "https://t.me/DarkWebInformer_CVEAlerts/14053", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2022-34314\n\ud83d\udd25 CVSS Score: 4 (cvssV3_1, Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N)\n\ud83d\udd39 Description: \nIBM CICS TX 11.1 could disclose sensitive information to a local user due to insecure permission settings. IBM X-Force ID: 229450.\n\n\n\ud83d\udccf Published: 2022-11-14T18:38:50.824Z\n\ud83d\udccf Modified: 2025-04-30T15:06:05.007Z\n\ud83d\udd17 References:\n1. https://www.ibm.com/support/pages/node/6833170\n2. https://www.ibm.com/support/pages/node/6833166\n3. https://exchange.xforce.ibmcloud.com/vulnerabilities/229450", "creation_timestamp": "2025-04-30T15:13:34.000000Z"}, {"uuid": "38bfccea-fb62-4222-b44b-c70150199e8b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-3431", "type": "published-proof-of-concept", "source": "https://t.me/cKure/10705", "content": "\u25a0\u25a0\u25a0\u25a0\u25a1 Binarly researchers conduct a deep-dive investigation into Lenovo\u2019s LEN-94952 bulletin and find that two vulnerabilities -- CVE-2022-3430 and CVE-2022-3431 -- remain unfixed one month after their official disclosure.\n\nhttps://binarly.io/posts/Multiple_Vulnerabilities_in_Qualcomm_and_Lenovo_ARM_based_Devices/index.html", "creation_timestamp": "2023-02-23T13:06:03.000000Z"}, {"uuid": "991d6726-c94f-44a6-9bbb-9edc6095c413", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-34318", "type": "seen", "source": "https://t.me/DarkWebInformer_CVEAlerts/14060", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2022-34318\n\ud83d\udd25 CVSS Score: 5.4 (cvssV3_1, Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N)\n\ud83d\udd39 Description: \nIBM CICS TX 11.1 could allow a remote attacker to hijack the clicking action of the victim. By persuading a victim to visit a malicious Web site, a remote attacker could exploit this vulnerability to hijack the victim's click actions and possibly launch further attacks against the victim. IBM X-Force ID: 229461.\n\n\n\ud83d\udccf Published: 2022-11-14T19:04:12.560Z\n\ud83d\udccf Modified: 2025-04-30T15:02:45.539Z\n\ud83d\udd17 References:\n1. https://www.ibm.com/support/pages/node/6833186\n2. https://www.ibm.com/support/pages/node/6833188\n3. https://exchange.xforce.ibmcloud.com/vulnerabilities/229461", "creation_timestamp": "2025-04-30T15:13:47.000000Z"}, {"uuid": "b6cccf16-45c9-4cdd-9d0e-b00dcee90261", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-34312", "type": "seen", "source": "https://t.me/DarkWebInformer_CVEAlerts/14159", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2022-34312\n\ud83d\udd25 CVSS Score: 4 (cvssV3_1, Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N)\n\ud83d\udd39 Description: \nIBM CICS TX 11.1 allows web pages to be stored locally which can be read by another user on the system. IBM X-Force ID: 229447.\n\n\n\ud83d\udccf Published: 2022-11-14T17:49:55.297Z\n\ud83d\udccf Modified: 2025-04-30T19:52:00.296Z\n\ud83d\udd17 References:\n1. https://www.ibm.com/support/pages/node/6833156\n2. https://www.ibm.com/support/pages/node/6833150\n3. https://exchange.xforce.ibmcloud.com/vulnerabilities/229447", "creation_timestamp": "2025-04-30T20:14:40.000000Z"}, {"uuid": "d875ea2b-9bc4-428b-87ce-c435d2f050a5", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-34310", "type": "seen", "source": "https://t.me/ctinow/183348", "content": "https://ift.tt/AqFcpGx\nCVE-2022-34310", "creation_timestamp": "2024-02-12T19:22:03.000000Z"}, {"uuid": "ee1d33b3-e6af-4abd-86c0-76268d760322", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-3431", "type": "seen", "source": "https://t.me/true_secator/3685", "content": "Lenovo \u0438\u0441\u043f\u0440\u0430\u0432\u0438\u043b\u0430 \u0434\u0432\u0435 \u0441\u0435\u0440\u044c\u0435\u0437\u043d\u044b\u0435 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438, \u0437\u0430\u0442\u0440\u0430\u0433\u0438\u0432\u0430\u044e\u0449\u0438\u0435 \u0440\u0430\u0437\u043b\u0438\u0447\u043d\u044b\u0435 \u043c\u043e\u0434\u0435\u043b\u0438 \u043d\u043e\u0443\u0442\u0431\u0443\u043a\u043e\u0432 ThinkBook, IdeaPad \u0438 Yoga, \u043a\u043e\u0442\u043e\u0440\u044b\u0435 \u043c\u043e\u0433\u0443\u0442 \u043f\u043e\u0437\u0432\u043e\u043b\u0438\u0442\u044c \u0437\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a\u0443 \u0434\u0435\u0430\u043a\u0442\u0438\u0432\u0438\u0440\u043e\u0432\u0430\u0442\u044c UEFI Secure Boot.\n\nUEFI Secure Boot \u2014 \u044d\u0442\u043e \u0441\u0438\u0441\u0442\u0435\u043c\u0430 \u0437\u0430\u0449\u0438\u0442\u044b, \u0433\u0430\u0440\u0430\u043d\u0442\u0438\u0440\u0443\u044e\u0449\u0430\u044f \u0431\u043b\u043e\u043a\u0438\u0440\u043e\u0432\u043a\u0443 \u0432\u044b\u043f\u043e\u043b\u043d\u0435\u043d\u0438\u044f \u0432\u0440\u0435\u0434\u043e\u043d\u043e\u0441\u043d\u043e\u0433\u043e \u043a\u043e\u0434\u0430 \u0432 \u043f\u0440\u043e\u0446\u0435\u0441\u0441\u0435 \u0437\u0430\u0433\u0440\u0443\u0437\u043a\u0438 \u043a\u043e\u043c\u043f\u044c\u044e\u0442\u0435\u0440\u0430.\n\n\u0412 \u043f\u0440\u043e\u0442\u0438\u0432\u043d\u043e\u043c \u0441\u043b\u0443\u0447\u0430\u0435 \u0437\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a\u0438 \u043c\u043e\u0433\u0443\u0442 \u043e\u0431\u043e\u0439\u0442\u0438 \u0432\u0441\u0435 \u0441\u0440\u0435\u0434\u0441\u0442\u0432\u0430 \u0437\u0430\u0449\u0438\u0442\u044b \u0438 \u0432\u043d\u0435\u0434\u0440\u0438\u0442\u044c \u0432\u0440\u0435\u0434\u043e\u043d\u043e\u0441\u043d\u043e\u0435 \u041f\u041e, \u0441\u043e\u0445\u0440\u0430\u043d\u044f\u044e\u0449\u0435\u0435\u0441\u044f \u0434\u0430\u0436\u0435 \u0432 \u0441\u043b\u0443\u0447\u0430\u0435 \u043f\u0435\u0440\u0435\u0443\u0441\u0442\u0430\u043d\u043e\u0432\u043a\u0438 \u041e\u0421.\n\n\u041f\u0440\u043e\u0431\u043b\u0435\u043c\u0430 \u0441\u0432\u044f\u0437\u0430\u043d\u0430 \u0441 \u0442\u0435\u043c, \u0447\u0442\u043e Lenovo \u043f\u043e \u043e\u0448\u0438\u0431\u043a\u0435 \u0432\u043a\u043b\u044e\u0447\u0438\u043b\u0430 \u0434\u0440\u0430\u0439\u0432\u0435\u0440 \u0440\u0430\u043d\u043d\u0435\u0439 \u0440\u0430\u0437\u0440\u0430\u0431\u043e\u0442\u043a\u0438, \u043a\u043e\u0442\u043e\u0440\u044b\u0439 \u043c\u043e\u0433 \u0438\u0437\u043c\u0435\u043d\u0438\u0442\u044c \u043f\u0430\u0440\u0430\u043c\u0435\u0442\u0440\u044b \u0431\u0435\u0437\u043e\u043f\u0430\u0441\u043d\u043e\u0439 \u0437\u0430\u0433\u0440\u0443\u0437\u043a\u0438 \u0438\u0437 \u041e\u0421 \u0432 \u043e\u043a\u043e\u043d\u0447\u0430\u0442\u0435\u043b\u044c\u043d\u044b\u0445 \u043f\u0440\u043e\u0438\u0437\u0432\u043e\u0434\u0441\u0442\u0432\u0435\u043d\u043d\u044b\u0445 \u0432\u0435\u0440\u0441\u0438\u044f\u0445.\n\n\u041f\u0440\u0438\u0441\u0443\u0442\u0441\u0442\u0432\u0438\u0435 \u044d\u0442\u0438\u0445 \u0434\u0440\u0430\u0439\u0432\u0435\u0440\u043e\u0432 \u0432 \u043d\u0435\u0441\u043a\u043e\u043b\u044c\u043a\u0438\u0445 \u043f\u0440\u043e\u0434\u0443\u043a\u0442\u0430\u0445 Lenovo \u0431\u044b\u043b\u043e \u043e\u0431\u043d\u0430\u0440\u0443\u0436\u0435\u043d\u043e \u0438\u0441\u0441\u043b\u0435\u0434\u043e\u0432\u0430\u0442\u0435\u043b\u044f\u043c\u0438 ESET, \u043a\u043e\u0442\u043e\u0440\u044b\u0435 \u0438 \u0441\u043e\u043e\u0431\u0449\u0438\u043b\u0438 \u043e\u0431 \u044d\u0442\u043e\u043c \u043f\u043e\u0441\u0442\u0430\u0432\u0449\u0438\u043a\u0443.\n\nESET \u043f\u043e\u044f\u0441\u043d\u0438\u043b\u0430, \u0447\u0442\u043e \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 \u043c\u043e\u0436\u043d\u043e \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u0442\u044c, \u043f\u0440\u043e\u0441\u0442\u043e \u0441\u043e\u0437\u0434\u0430\u0432\u0430\u044f \u0441\u043f\u0435\u0446\u0438\u0430\u043b\u044c\u043d\u044b\u0435 \u043f\u0435\u0440\u0435\u043c\u0435\u043d\u043d\u044b\u0435 NVRAM, \u0441\u0441\u044b\u043b\u0430\u044f\u0441\u044c \u0432 \u0422\u0432\u0438\u0442\u0442\u0435\u0440\u0435 \u043d\u0430\u00a0\u041d\u0438\u043a\u043e\u043b\u0430\u044f \u0428\u043b\u0435\u044f, \u043a\u043e\u0442\u043e\u0440\u044b\u0439 \u043e\u0431\u044a\u044f\u0441\u043d\u0438\u043b, \u043f\u043e\u0447\u0435\u043c\u0443 \u0440\u0430\u0437\u0440\u0430\u0431\u043e\u0442\u0447\u0438\u043a\u0438 \u043f\u0440\u043e\u0448\u0438\u0432\u043a\u0438 UEFI \u043d\u0435 \u0434\u043e\u043b\u0436\u043d\u044b \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u0442\u044c NVRAM \u0432 \u043a\u0430\u0447\u0435\u0441\u0442\u0432\u0435 \u043d\u0430\u0434\u0435\u0436\u043d\u043e\u0433\u043e \u0445\u0440\u0430\u043d\u0438\u043b\u0438\u0449\u0430.\n\n\u041f\u043e \u0438\u0442\u043e\u0433\u0443 Lenovo \u0438\u0441\u043f\u0440\u0430\u0432\u0438\u043b\u0430 \u0441\u043b\u0435\u0434\u0443\u044e\u0449\u0438\u0435 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438:\n\n- CVE-2022-3430: \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u0432 \u0434\u0440\u0430\u0439\u0432\u0435\u0440\u0435 \u043d\u0430\u0441\u0442\u0440\u043e\u0439\u043a\u0438 WMI \u043d\u0430 \u043d\u0435\u043a\u043e\u0442\u043e\u0440\u044b\u0445 \u043f\u043e\u0442\u0440\u0435\u0431\u0438\u0442\u0435\u043b\u044c\u0441\u043a\u0438\u0445 \u043d\u043e\u0443\u0442\u0431\u0443\u043a\u0430\u0445 Lenovo \u043c\u043e\u0436\u0435\u0442 \u043f\u043e\u0437\u0432\u043e\u043b\u0438\u0442\u044c \u0437\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a\u0443 \u0441 \u043f\u043e\u0432\u044b\u0448\u0435\u043d\u043d\u044b\u043c\u0438 \u043f\u0440\u0438\u0432\u0438\u043b\u0435\u0433\u0438\u044f\u043c\u0438 \u0438\u0437\u043c\u0435\u043d\u0438\u0442\u044c \u043f\u0430\u0440\u0430\u043c\u0435\u0442\u0440 \u0431\u0435\u0437\u043e\u043f\u0430\u0441\u043d\u043e\u0439 \u0437\u0430\u0433\u0440\u0443\u0437\u043a\u0438, \u0438\u0437\u043c\u0435\u043d\u0438\u0432 \u043f\u0435\u0440\u0435\u043c\u0435\u043d\u043d\u0443\u044e NVRAM.\n\n- CVE-2022-3431: \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u0432 \u0434\u0440\u0430\u0439\u0432\u0435\u0440\u0435, \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u0443\u0435\u043c\u043e\u043c \u0432 \u043f\u0440\u043e\u0446\u0435\u0441\u0441\u0435 \u043f\u0440\u043e\u0438\u0437\u0432\u043e\u0434\u0441\u0442\u0432\u0430 \u043d\u0430 \u043d\u0435\u043a\u043e\u0442\u043e\u0440\u044b\u0445 \u043f\u043e\u0442\u0440\u0435\u0431\u0438\u0442\u0435\u043b\u044c\u0441\u043a\u0438\u0445 \u043d\u043e\u0443\u0442\u0431\u0443\u043a\u0430\u0445 Lenovo, \u043a\u043e\u0442\u043e\u0440\u044b\u0439 \u043f\u043e \u043e\u0448\u0438\u0431\u043a\u0435 \u043d\u0435 \u0431\u044b\u043b \u0434\u0435\u0430\u043a\u0442\u0438\u0432\u0438\u0440\u043e\u0432\u0430\u043d, \u043c\u043e\u0436\u0435\u0442 \u043f\u043e\u0437\u0432\u043e\u043b\u0438\u0442\u044c \u0437\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a\u0443 \u0441 \u043f\u043e\u0432\u044b\u0448\u0435\u043d\u043d\u044b\u043c\u0438 \u043f\u0440\u0438\u0432\u0438\u043b\u0435\u0433\u0438\u044f\u043c\u0438 \u0438\u0437\u043c\u0435\u043d\u0438\u0442\u044c \u043f\u0430\u0440\u0430\u043c\u0435\u0442\u0440 \u0431\u0435\u0437\u043e\u043f\u0430\u0441\u043d\u043e\u0439 \u0437\u0430\u0433\u0440\u0443\u0437\u043a\u0438, \u0438\u0437\u043c\u0435\u043d\u0438\u0432 \u043f\u0435\u0440\u0435\u043c\u0435\u043d\u043d\u0443\u044e NVRAM.\n\n\u0421\u0443\u0449\u0435\u0441\u0442\u0432\u0443\u0435\u0442 \u0442\u0430\u043a\u0436\u0435 \u0442\u0440\u0435\u0442\u044c\u044f \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u0430\u043d\u0430\u043b\u043e\u0433\u0438\u0447\u043d\u043e\u0433\u043e \u0445\u0430\u0440\u0430\u043a\u0442\u0435\u0440\u0430, \u043e\u0442\u0441\u043b\u0435\u0436\u0438\u0432\u0430\u0435\u043c\u0430\u044f \u043a\u0430\u043a\u00a0CVE-2022-3432\u00a0\u0438 \u0437\u0430\u0442\u0440\u0430\u0433\u0438\u0432\u0430\u044e\u0449\u0430\u044f \u0442\u043e\u043b\u044c\u043a\u043e Ideapad Y700-14ISK.\u00a0\u041e\u0434\u043d\u0430\u043a\u043e \u043f\u0440\u043e\u0438\u0437\u0432\u043e\u0434\u0438\u0442\u0435\u043b\u044c \u043d\u0435 \u043d\u0430\u043c\u0435\u0440\u0435\u043d \u0443\u0441\u0442\u0440\u0430\u043d\u044f\u0442\u044c \u0435\u0435, \u043f\u043e\u0441\u043a\u043e\u043b\u044c\u043a\u0443 \u0441\u0440\u043e\u043a \u0441\u043b\u0443\u0436\u0431\u044b \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0433\u043e \u043f\u0440\u043e\u0434\u0443\u043a\u0442\u0430 \u0438\u0441\u0442\u0435\u043a (EOL).\n\n\u041f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u0442\u0435\u043b\u044f\u043c Lenovo \u0440\u0435\u043a\u043e\u043c\u0435\u043d\u0434\u0443\u0435\u0442\u0441\u044f \u0441\u0432\u0435\u0440\u0438\u0442\u044c \u0441\u0432\u043e\u0438 \u0443\u0441\u0442\u0440\u043e\u0439\u0441\u0442\u0432\u0430 \u0441\u043e \u0441\u043f\u0438\u0441\u043a\u043e\u043c \u0443\u044f\u0437\u0432\u0438\u043c\u044b\u0445 \u043c\u043e\u0434\u0435\u043b\u0435\u0439, \u043f\u0440\u0435\u0434\u0441\u0442\u0430\u0432\u043b\u0435\u043d\u043d\u044b\u0445 \u0432\u00a0\u0431\u044e\u043b\u043b\u0435\u0442\u0435\u043d\u0435 \u0431\u0435\u0437\u043e\u043f\u0430\u0441\u043d\u043e\u0441\u0442\u0438 \u043f\u043e\u0441\u0442\u0430\u0432\u0449\u0438\u043a\u0430, \u043f\u0440\u0438 \u043d\u0435\u043e\u0431\u0445\u043e\u0434\u0438\u043c\u043e\u0441\u0442\u0438 \u043f\u0440\u043e\u0438\u0437\u0432\u0435\u0441\u0442\u0438 \u043e\u0431\u043d\u043e\u0432\u043b\u0435\u043d\u0438\u0435 \u043f\u0440\u043e\u0448\u0438\u0432\u043a\u0438.", "creation_timestamp": "2022-11-10T12:01:02.000000Z"}, {"uuid": "111cce8f-eccc-428d-86ef-0dbaa1a60747", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-34311", "type": "seen", "source": "https://t.me/ctinow/183369", "content": "https://ift.tt/U6SoNYC\nCVE-2022-34311", "creation_timestamp": "2024-02-12T20:26:45.000000Z"}, {"uuid": "8841991a-46fa-4dc4-8736-2a5a5845ee22", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-34313", "type": "seen", "source": "https://t.me/cibsecurity/52964", "content": "\u203c CVE-2022-34313 \u203c\n\nIBM CICS TX 11.1 does not set the secure attribute on authorization tokens or session cookies. Attackers may be able to get the cookie values by sending a http:// link to a user or by planting this link in a site the user goes to. The cookie will be sent to the insecure link and the attacker can then obtain the cookie value by snooping the traffic. X-Force ID: 229449.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-11-16T07:51:29.000000Z"}, {"uuid": "95e5ce98-3b43-4b1c-9922-297c1347c01c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-34319", "type": "seen", "source": "https://t.me/cibsecurity/52977", "content": "\u203c CVE-2022-34319 \u203c\n\nIBM CICS TX 11.7 uses weaker than expected cryptographic algorithms that could allow an attacker to decrypt highly sensitive information. IBM X-Force ID: 229463.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-11-16T07:51:46.000000Z"}]}