{"vulnerability": "CVE-2023-3117", "sightings": [{"uuid": "d85d09a1-4aaf-4183-9b06-6cba19983b9c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-31176", "type": "seen", "source": "https://t.me/ctinow/157573", "content": "https://ift.tt/jnhRq6b\nCVE-2023-31176 | Schweitzer Engineering Laboratories SEL-451 20230830 entropy", "creation_timestamp": "2023-12-21T10:12:48.000000Z"}, {"uuid": "eb0a201b-6f37-4fbc-b013-48bd7e54183c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-31171", "type": "seen", "source": "https://t.me/cibsecurity/69559", "content": "\u203c CVE-2023-31171 \u203c\n\nAn Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in the Schweitzer Engineering Laboratories SEL-5030 acSELerator QuickSet Software could allow an attacker to embed instructions that could be executed by an authorized device operator.See Instruction Manual Appendix A and Appendix E dated 20230615 for more details.This issue affects SEL-5030 acSELerator QuickSet Software: through 7.1.3.0.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-08-31T20:13:11.000000Z"}, {"uuid": "e9b541e5-7a5f-46c7-8b4d-610ac8004360", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-31173", "type": "seen", "source": "https://t.me/cibsecurity/69569", "content": "\u203c CVE-2023-31173 \u203c\n\nUse of Hard-coded Credentials vulnerability in Schweitzer Engineering Laboratories SEL-5037 SEL Grid Configurator on Windows allows Authentication Bypass.See Instruction Manual Appendix A and Appendix E dated 20230615 for more details.This issue affects SEL-5037 SEL Grid Configurator: before 4.5.0.20.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-08-31T20:13:26.000000Z"}, {"uuid": "e9d02a72-fc33-4fba-a94b-62df6479164a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-31174", "type": "seen", "source": "https://t.me/cibsecurity/69567", "content": "\u203c CVE-2023-31174 \u203c\n\nA Cross-Site Request Forgery (CSRF) vulnerability in the Schweitzer Engineering Laboratories SEL-5037 SEL Grid Configurator could allow an attacker to embed instructions that could be executed by an authorized device operator.See Instruction Manual Appendix A and Appendix E dated 20230615 for more details.This issue affects SEL-5037 SEL Grid Configurator: before 4.5.0.20.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-08-31T20:13:21.000000Z"}, {"uuid": "28e2475b-261b-4389-915f-5cca8ba0158d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-31172", "type": "seen", "source": "https://t.me/cibsecurity/69565", "content": "\u203c CVE-2023-31172 \u203c\n\nAn Incomplete Filtering of Special Elements vulnerability in the Schweitzer Engineering Laboratories SEL-5030 acSELerator QuickSet Software could allow an attacker to embed instructions that could be executed by an authorized device operator.See Instruction Manual Appendix A and Appendix E dated 20230615 for more details.This issue affects SEL-5030 acSELerator QuickSet Software: through 7.1.3.0.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-08-31T20:13:19.000000Z"}, {"uuid": "9955db42-baec-47dc-949e-7b7b217c9d17", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-31175", "type": "seen", "source": "https://t.me/cibsecurity/69575", "content": "\u203c CVE-2023-31175 \u203c\n\nAn Execution with Unnecessary Privileges vulnerability in the Schweitzer Engineering Laboratories SEL-5037 SEL Grid Configurator could allow an attacker to run system commands with the highest level privilege on the system.See Instruction Manual Appendix A and Appendix E dated 20230615 for more details.This issue affects SEL-5037 SEL Grid Configurator: before 4.5.0.20.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-08-31T20:13:34.000000Z"}, {"uuid": "11383201-853e-4e6b-9907-ff8b5d25b660", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-31170", "type": "seen", "source": "https://t.me/cibsecurity/69562", "content": "\u203c CVE-2023-31170 \u203c\n\nAn Inclusion of Functionality from Untrusted Control Sphere vulnerability in the Schweitzer Engineering Laboratories SEL-5030 acSELerator QuickSet Software could allow an attacker to embed instructions that could be executed by an authorized device operator.See Instruction Manual Appendix A and Appendix E dated 20230615 for more details.This issue affects SEL-5030 acSELerator QuickSet Software: through 7.1.3.0.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-08-31T20:13:13.000000Z"}, {"uuid": "5669ec00-48f5-4e75-a886-d04554cbac50", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-31177", "type": "seen", "source": "https://t.me/ctinow/157583", "content": "https://ift.tt/hHadq2L\nCVE-2023-31177 | Schweitzer Engineering Laboratories SEL-451 20230830 cross site scripting", "creation_timestamp": "2023-12-21T10:37:51.000000Z"}, {"uuid": "2f7434da-a51b-4430-929f-eb1c760948fb", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-31179", "type": "seen", "source": "https://t.me/cibsecurity/63469", "content": "\u203c CVE-2023-31179 \u203c\n\nAgilePoint NX v8.0 SU2.2 & SU2.3 - Path traversal -\u00c2\u00a0Vulnerability allows path traversal and downloading files from the server, by an unspecified request.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-05-09T00:38:10.000000Z"}]}