{"vulnerability": "CVE-2022-3438", "sightings": [{"uuid": "3d3732d8-14b9-4974-b6a7-1d9bb7d8aaed", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-3438", "type": "seen", "source": "https://t.me/cibsecurity/51059", "content": "\u203c CVE-2022-3438 \u203c\n\nOpen Redirect in GitHub repository ikus060/rdiffweb prior to 2.5.0a4.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-10-10T16:24:52.000000Z"}, {"uuid": "223b95cc-79ba-4367-badc-d246a70e42ac", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-34389", "type": "seen", "source": "https://t.me/DarkWebInformer_CVEAlerts/8858", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2022-34389\n\ud83d\udd25 CVSS Score: 3.7 (cvssV3_1, Vector: CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L)\n\ud83d\udd39 Description: \nDell SupportAssist contains a rate limit bypass issues in screenmeet API third party component. An unauthenticated attacker could potentially exploit this vulnerability and impersonate a legitimate dell customer to a dell support technician.\n\n\n\n\n\n\n\ud83d\udccf Published: 2023-02-10T20:23:06.581Z\n\ud83d\udccf Modified: 2025-03-26T15:20:18.440Z\n\ud83d\udd17 References:\n1. https://www.dell.com/support/kbdoc/000204114", "creation_timestamp": "2025-03-26T15:26:00.000000Z"}, {"uuid": "a3154640-c049-4e9e-b642-967934d68156", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-34381", "type": "seen", "source": "https://t.me/ctinow/192812", "content": "https://ift.tt/e4ilQrn\nCVE-2022-34381 | Dell BSAFE Crypto-J/BSAFE SSL-J reliance on component that is not updateable (dsa-2022-208)", "creation_timestamp": "2024-02-25T10:11:12.000000Z"}, {"uuid": "3b3076a5-c417-4bbd-855a-fbec3397b2b1", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-34381", "type": "seen", "source": "https://t.me/ctinow/178165", "content": "https://ift.tt/I3s7Nn9\nCVE-2022-34381", "creation_timestamp": "2024-02-02T17:26:46.000000Z"}, {"uuid": "1efd846a-9b83-440c-8292-4d9792b29e99", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-34382", "type": "seen", "source": "https://t.me/cibsecurity/49254", "content": "\u203c CVE-2022-34382 \u203c\n\nDell Command Update, Dell Update and Alienware Update versions prior to 4.6.0 contains a Local Privilege Escalation Vulnerability in the custom catalog configuration. A local malicious user may potentially exploit this vulnerability in order to elevate their privileges.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-09-10T03:55:50.000000Z"}, {"uuid": "e3828338-74fa-458c-a398-7dccad0b345d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-34380", "type": "seen", "source": "https://t.me/cibsecurity/49176", "content": "\u203c CVE-2022-34380 \u203c\n\nDell CloudLink 7.1.3 and all earlier versions contain an Authentication Bypass Using an Alternate Path or Channel Vulnerability. A high privileged local attacker may potentially exploit this vulnerability leading to authentication bypass and access the CloudLink system console. This is critical severity vulnerability as it allows attacker to take control of the system.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-09-01T22:38:17.000000Z"}]}