{"vulnerability": "CVE-2023-3405", "sightings": [{"uuid": "c4dc81e8-d8c8-4dd6-87b1-9da0da2eb484", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-34051", "type": "published-proof-of-concept", "source": "https://t.me/ap_security/150", "content": "\u2604\ufe0fCVE-2023-34051: VMware Aria Operations for Logs\n\n\u0423\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u043f\u043e\u0437\u0432\u043e\u043b\u044f\u0435\u0442 \u043e\u0431\u043e\u0439\u0442\u0438 \u0430\u0443\u0442\u0435\u043d\u0442\u0438\u0444\u0438\u043a\u0430\u0446\u0438\u044e \u0438 \u0443\u0434\u0430\u043b\u0435\u043d\u043d\u043e \u0432\u044b\u043f\u043e\u043b\u043d\u0438\u0442\u044c \u043a\u043e\u0434 \u043e\u0442 root\ud83d\udc80\n\n\ud83d\udce3\u0421\u0441\u044b\u043b\u043a\u0430 \u043d\u0430 PoC:\nhttps://github.com/horizon3ai/CVE-2023-34051\n\n\ud83d\udcdd\u0421\u0441\u044b\u043b\u043a\u0430 \u043d\u0430 \u0440\u0435\u0441\u0435\u0440\u0447:\nhttps://www.horizon3.ai/vmware-aria-operations-for-logs-cve-2023-34051-technical-deep-dive-and-iocs/\n\n#cve #poc #exploit", "creation_timestamp": "2023-10-22T07:14:27.000000Z"}, {"uuid": "0a8df280-fd84-49e6-863a-abccbf2a176a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-34051", "type": "published-proof-of-concept", "source": "https://t.me/ap_security/208", "content": "\u2604\ufe0fCVE-2023-34051: VMware Aria Operations for Logs\n\n\u0423\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u043f\u043e\u0437\u0432\u043e\u043b\u044f\u0435\u0442 \u043e\u0431\u043e\u0439\u0442\u0438 \u0430\u0443\u0442\u0435\u043d\u0442\u0438\u0444\u0438\u043a\u0430\u0446\u0438\u044e \u0438 \u0443\u0434\u0430\u043b\u0435\u043d\u043d\u043e \u0432\u044b\u043f\u043e\u043b\u043d\u0438\u0442\u044c \u043a\u043e\u0434 \u043e\u0442 root\ud83d\udc80\n\n\ud83d\udce3\u0421\u0441\u044b\u043b\u043a\u0430 \u043d\u0430 PoC:\nhttps://github.com/horizon3ai/CVE-2023-34051\n\n\ud83d\udcdd\u0421\u0441\u044b\u043b\u043a\u0430 \u043d\u0430 \u0440\u0435\u0441\u0435\u0440\u0447:\nhttps://www.horizon3.ai/vmware-aria-operations-for-logs-cve-2023-34051-technical-deep-dive-and-iocs/\n\n#cve #poc #exploit", "creation_timestamp": "2023-10-22T07:14:27.000000Z"}, {"uuid": "8282c813-4e32-4f58-8f34-11a23dd3f63d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-34051", "type": "published-proof-of-concept", "source": "https://t.me/cKure/11817", "content": "\u25a0\u25a0\u25a0\u25a0\u25a1 PoC Exploits Released for Citrix and VMware Vulnerabilities.\n\nTracked as CVE-2023-34051 (CVSS score: 8.1), the high-severity vulnerability relates to a case of authentication bypass that could lead to remote code execution.\n\nhttps://thehackernews.com/2023/10/alert-poc-exploits-released-for-citrix.html", "creation_timestamp": "2023-10-25T07:27:05.000000Z"}, {"uuid": "6549a017-0d98-4f92-81e5-76b4d8d68ba4", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-34050", "type": "published-proof-of-concept", "source": "https://t.me/GithubRedTeam/5500", "content": "GitHub\u76d1\u63a7\u6d88\u606f\u63d0\u9192\uff01\uff01\uff01 \n\n\u66f4\u65b0\u4e86\uff1aCVE-2023\n\u63cf\u8ff0\uff1aA Proof of Concept of Spring AMQP Deserialization Vulnerability (CVE-2023-34050)\nURL\uff1ahttps://github.com/X1r0z/spring-amqp-deserialization\n\n\u6807\u7b7e\uff1a#CVE-2023", "creation_timestamp": "2023-10-20T05:48:11.000000Z"}, {"uuid": "072f92c2-9020-4ce5-ae95-e3b9793959c8", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-34050", "type": "published-proof-of-concept", "source": "https://t.me/cKure/11918", "content": "\u25a0\u25a0\u25a0\u25a0\u25a1 CVE-2023-34050 Spring AMQP Deserialization Remote Code Execution.\n\nhttps://blog.pyn3rd.com/2023/11/03/CVE-2023-34050-Spring-AMQP-Deserialization-Remote-Code-Execution/", "creation_timestamp": "2023-11-04T07:57:57.000000Z"}, {"uuid": "b7d67180-6843-4a9d-8e7c-6a1502a8bb39", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-34055", "type": "seen", "source": "https://t.me/ctinow/155643", "content": "https://ift.tt/uTgaY8L\nCVE-2023-34055 | VMware Spring Boot up to 2.7.17/3.0.12/3.1.5 HTTP Request denial of service", "creation_timestamp": "2023-12-17T17:12:21.000000Z"}, {"uuid": "d75b62e3-0b60-418f-945b-7584aab9a448", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-34054", "type": "seen", "source": "https://t.me/ctinow/155642", "content": "https://ift.tt/gvRPqky\nCVE-2023-34054 | VMware Spring Reactor Netty up to 1.0.38/1.1.12 HTTP denial of service", "creation_timestamp": "2023-12-17T17:12:19.000000Z"}, {"uuid": "50d211bf-3e2d-4ad5-89ed-31aa5fb57ce1", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-34053", "type": "seen", "source": "https://t.me/ctinow/155640", "content": "https://ift.tt/miBnYFV\nCVE-2023-34053 | VMware Spring Framework up to 6.0.13 HTTP Rrequest denial of service", "creation_timestamp": "2023-12-17T17:12:17.000000Z"}, {"uuid": "fa14f105-746d-4425-8e85-f70ed653d286", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-34051", "type": "published-proof-of-concept", "source": "https://t.me/ctinow/144469", "content": "https://ift.tt/n6giV3k\nVMware Aria Operations for Logs CVE-2023-34051 Technical Deep Dive and IOCs", "creation_timestamp": "2023-10-20T19:16:49.000000Z"}, {"uuid": "84288dae-36cd-4dec-9d81-3b050769940c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-34051", "type": "published-proof-of-concept", "source": "Telegram/zV2tRAbZHPZ4_cDRBFXL3KwLw_SkAtgy_XvKi401zOkJew", "content": "", "creation_timestamp": "2023-10-25T10:56:30.000000Z"}, {"uuid": "c337be4a-890a-4add-98be-379617323016", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-34058", "type": "seen", "source": "Telegram/hf04JQFA3Z2a3YmP3SZP8xmmGUP5jRPXxIRuNwoK3r0vaA", "content": "", "creation_timestamp": "2023-10-27T12:25:35.000000Z"}, {"uuid": "cb5ec7ca-7c6a-4496-9fb1-325c2267b61c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-34059", "type": "seen", "source": "Telegram/_mcXzXimhWw8LUwqz-K1mOkApL6yac6wtjZ6FfHAZdnhDQ", "content": "", "creation_timestamp": "2023-10-27T12:26:00.000000Z"}, {"uuid": "87fe3c2e-5154-4b97-8ce5-f5ff8b45c0c8", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-34051", "type": "published-proof-of-concept", "source": "https://t.me/proxy_bar/1788", "content": "CVE-2023-34051\nVMware Aria Operations for Logs \n*\nTechnical Deep\n*\nExploit\n\n\n#vmware #bypass #exploit", "creation_timestamp": "2023-10-21T06:50:53.000000Z"}, {"uuid": "00a91a38-d18a-4a40-ab96-cf190bf57327", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-34051", "type": "published-proof-of-concept", "source": "https://t.me/KomunitiSiber/978", "content": "Alert: PoC Exploits Released for Citrix and VMware Vulnerabilities\nhttps://thehackernews.com/2023/10/alert-poc-exploits-released-for-citrix.html\n\nVirtualization services provider VMware has alerted customers to the existence of a proof-of-concept (PoC) exploit for a recently patched security flaw in Aria Operations for Logs.\nTracked as CVE-2023-34051 (CVSS score: 8.1), the high-severity vulnerability relates to a case of authentication bypass that could lead to remote code execution.\n\"An unauthenticated, malicious actor can inject files", "creation_timestamp": "2023-10-25T09:52:24.000000Z"}, {"uuid": "370d519b-ddfe-4c4f-bd41-0dd1c1a7120e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-34059", "type": "seen", "source": "https://t.me/cibsecurity/73038", "content": "\u203c CVE-2023-34059 \u203c\n\nopen-vm-tools contains a file descriptor hijack vulnerability in the vmware-user-suid-wrapper.\u00c2\u00a0A malicious actor with non-root privileges may be able to hijack the /dev/uinput file descriptor allowing them to simulate user inputs.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-10-27T12:17:00.000000Z"}, {"uuid": "4c42960b-db65-4137-85f3-2473dc557e65", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-34056", "type": "seen", "source": "https://t.me/true_secator/5008", "content": "VMware \u0432\u044b\u043f\u0443\u0441\u0442\u0438\u043b\u0430 \u0438\u0441\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u0438\u044f \u0434\u043b\u044f \u043a\u0440\u0438\u0442\u0438\u0447\u0435\u0441\u043a\u043e\u0439 RCE-\u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 \u0441\u0435\u0440\u0432\u0435\u0440\u0430 vCenter Server.\n\n\u041f\u0440\u043e\u0431\u043b\u0435\u043c\u0430 \u043e\u0442\u0441\u043b\u0435\u0436\u0438\u0432\u0430\u0435\u0442\u0441\u044f \u043a\u0430\u043a\u00a0CVE-2023-34048\u00a0\u0438 \u0438\u043c\u0435\u0435\u0442 \u043e\u0446\u0435\u043d\u043a\u0443 CVSS: 9,8, \u0431\u044b\u043b\u0430 \u043e\u0431\u043d\u0430\u0440\u0443\u0436\u0435\u043d\u0430 \u0438 \u0440\u0430\u0441\u043a\u0440\u044b\u0442\u0430 \u0413\u0440\u0438\u0433\u043e\u0440\u0438\u0435\u043c \u0414\u043e\u0440\u043e\u0434\u043d\u043e\u0432\u044b\u043c \u0438\u0437 Trend Micro Zero Day Initiative.\n\n\u041e\u043d\u0430 \u043e\u043f\u0438\u0441\u044b\u0432\u0430\u0435\u0442\u0441\u044f \u043a\u0430\u043a \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u0437\u0430\u043f\u0438\u0441\u0438 \u0437\u0430 \u043f\u0440\u0435\u0434\u0435\u043b\u0430\u043c\u0438 \u0434\u043e\u043f\u0443\u0441\u0442\u0438\u043c\u043e\u0433\u043e \u0434\u0438\u0430\u043f\u0430\u0437\u043e\u043d\u0430 \u0432 \u0440\u0435\u0430\u043b\u0438\u0437\u0430\u0446\u0438\u0438 \u043f\u0440\u043e\u0442\u043e\u043a\u043e\u043b\u0430\u00a0DCE/RPC, \u0447\u0442\u043e \u043c\u043e\u0436\u0435\u0442 \u0431\u044b\u0442\u044c \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u043d\u043e \u0437\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a\u043e\u043c, \u0438\u043c\u0435\u044e\u0449\u0438\u043c \u0441\u0435\u0442\u0435\u0432\u043e\u0439 \u0434\u043e\u0441\u0442\u0443\u043f \u043a vCenter Server, \u0438 \u043f\u043e\u0442\u0435\u043d\u0446\u0438\u0430\u043b\u044c\u043d\u043e \u043c\u043e\u0436\u0435\u0442 \u043f\u0440\u0438\u0432\u0435\u0441\u0442\u0438 \u043a RCE.\n\n\u0412 VMware \u043e\u0442\u043c\u0435\u0447\u0430\u044e\u0442, \u0447\u0442\u043e \u043e\u0431\u0445\u043e\u0434\u043d\u044b\u0445 \u043f\u0443\u0442\u0435\u0439 \u0434\u043b\u044f \u0443\u0441\u0442\u0440\u0430\u043d\u0435\u043d\u0438\u044f \u044d\u0442\u043e\u0433\u043e \u043d\u0435\u0434\u043e\u0441\u0442\u0430\u0442\u043a\u0430 \u043d\u0435 \u0441\u0443\u0449\u0435\u0441\u0442\u0432\u0443\u0435\u0442, \u043a\u0440\u043e\u043c\u0435 \u043a\u0430\u043a \u0441\u043e\u043e\u0442\u0432\u0435\u0442\u0441\u0442\u0432\u0443\u044e\u0449\u0438\u0445 \u043e\u0431\u043d\u043e\u0432\u043b\u0435\u043d\u0438\u0439, \u043a\u043e\u0442\u043e\u0440\u044b\u0435 \u0434\u043e\u0441\u0442\u0443\u043f\u043d\u044b \u0432 \u0441\u043b\u0435\u0434\u0443\u044e\u0449\u0438\u0445 \u0432\u0435\u0440\u0441\u0438\u044f\u0445 \u041f\u041e: VMware vCenter Server 8.0 (8.0U1d \u0438\u043b\u0438 8.0U2), \u0421\u0435\u0440\u0432\u0435\u0440 VMware vCenter 7.0 (7.0U3o) \u0438 VMware Cloud Foundation 5.x \u0438 4.x.\n\n\u0423\u0447\u0438\u0442\u044b\u0432\u0430\u044f \u043a\u0440\u0438\u0442\u0438\u0447\u043d\u043e\u0441\u0442\u044c \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 \u0438 \u043e\u0442\u0441\u0443\u0442\u0441\u0442\u0432\u0438\u0435 \u0432\u0440\u0435\u043c\u0435\u043d\u043d\u044b\u0445 \u043c\u0435\u0440 \u043f\u043e \u0435\u0435 \u0441\u043c\u044f\u0433\u0447\u0435\u043d\u0438\u044e, \u043f\u043e\u0441\u0442\u0430\u0432\u0449\u0438\u043a \u0442\u0430\u043a\u0436\u0435 \u043f\u0440\u0435\u0434\u0441\u0442\u0430\u0432\u0438\u043b \u043f\u0430\u0442\u0447 \u0434\u043b\u044f vCenter Server 6.7U3, 6.5U3 \u0438 VCF 3.x.\n\n\u041f\u043e\u0441\u043b\u0435\u0434\u043d\u0435\u0435 \u043e\u0431\u043d\u043e\u0432\u043b\u0435\u043d\u0438\u0435 \u0434\u043e\u043f\u043e\u043b\u043d\u0438\u0442\u0435\u043b\u044c\u043d\u043e \u0443\u0441\u0442\u0440\u0430\u043d\u044f\u0435\u0442 CVE-2023-34056 (\u043e\u0446\u0435\u043d\u043a\u0430 CVSS: 4,3), \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u0447\u0430\u0441\u0442\u0438\u0447\u043d\u043e\u0433\u043e \u0440\u0430\u0441\u043a\u0440\u044b\u0442\u0438\u044f \u0438\u043d\u0444\u043e\u0440\u043c\u0430\u0446\u0438\u0438, \u0432\u043b\u0438\u044f\u044e\u0449\u0443\u044e \u043d\u0430 vCenter, \u043a\u043e\u0442\u043e\u0440\u0430\u044f \u043c\u043e\u0436\u0435\u0442 \u043f\u043e\u0437\u0432\u043e\u043b\u0438\u0442\u044c \u0437\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a\u0443 \u0441 \u043d\u0435\u0430\u0434\u043c\u0438\u043d\u0438\u0441\u0442\u0440\u0430\u0442\u0438\u0432\u043d\u044b\u043c\u0438 \u043f\u0440\u0438\u0432\u0438\u043b\u0435\u0433\u0438\u044f\u043c\u0438 \u043f\u043e\u043b\u0443\u0447\u0438\u0442\u044c \u0434\u043e\u0441\u0442\u0443\u043f \u043a \u043d\u0435\u0430\u0432\u0442\u043e\u0440\u0438\u0437\u0438\u0440\u043e\u0432\u0430\u043d\u043d\u044b\u043c \u0434\u0430\u043d\u043d\u044b\u043c.\n\n\u041a\u0430\u043a \u0437\u0430\u044f\u0432\u043b\u044f\u0435\u0442\u00a0VMware, \u0435\u0439 \u043d\u0435 \u0438\u0437\u0432\u0435\u0441\u0442\u043d\u043e \u043e\u0431 \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u043d\u0438\u0438 \u043e\u0448\u0438\u0431\u043e\u043a \u0432 \u0440\u0435\u0430\u043b\u044c\u043d\u044b\u0445 \u0443\u0441\u043b\u043e\u0432\u0438\u044f\u0445, \u043d\u043e \u043d\u0430\u0441\u0442\u043e\u044f\u0442\u0435\u043b\u044c\u043d\u043e \u0440\u0435\u043a\u043e\u043c\u0435\u043d\u0434\u0443\u0435\u0442 \u043a\u043b\u0438\u0435\u043d\u0442\u0430\u043c \u0434\u0435\u0439\u0441\u0442\u0432\u043e\u0432\u0430\u0442\u044c \u043e\u043f\u0435\u0440\u0430\u0442\u0438\u0432\u043d\u043e \u0438 \u043a\u0430\u043a \u043c\u043e\u0436\u043d\u043e \u0441\u043a\u043e\u0440\u0435\u0435 \u043f\u0440\u0438\u043c\u0435\u043d\u0438\u0442\u044c \u0438\u0441\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u0438\u044f \u0434\u043b\u044f \u043d\u0435\u0439\u0442\u0440\u0430\u043b\u0438\u0437\u0430\u0446\u0438\u0438 \u043b\u044e\u0431\u044b\u0445 \u043f\u043e\u0442\u0435\u043d\u0446\u0438\u0430\u043b\u044c\u043d\u044b\u0445 \u0443\u0433\u0440\u043e\u0437.", "creation_timestamp": "2023-10-26T12:34:20.000000Z"}, {"uuid": "5f6f5431-f971-47a5-b442-619a13d3682e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-34057", "type": "seen", "source": "https://t.me/cibsecurity/73037", "content": "\u203c CVE-2023-34057 \u203c\n\nVMware Tools contains a local privilege escalation vulnerability.\u00c2\u00a0A malicious actor with local user access to a guest virtual machine may elevate privileges within the virtual machine.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-10-27T12:16:59.000000Z"}, {"uuid": "104dabae-c08a-4e67-be73-bae77cd1a582", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-34058", "type": "seen", "source": "https://t.me/cibsecurity/73041", "content": "\u203c CVE-2023-34058 \u203c\n\nVMware Tools contains a SAML token signature bypass vulnerability.\u00c2\u00a0A malicious actor that has been granted Guest Operation Privileges https://docs.vmware.com/en/VMware-vSphere/8.0/vsphere-security/GUID-6A952214-0E5E-4CCF-9D2A-90948FF643EC.html \u00c2\u00a0in a target virtual machine may be able to elevate their privileges if that target virtual machine has been assigned a more privileged Guest Alias https://vdc-download.vmware.com/vmwb-repository/dcr-public/d1902b0e-d479-46bf-8ac9-cee0e31e8ec0/07ce8dbd-db48-4261-9b8f-c6d3ad8ba472/vim.vm.guest.AliasManager.html .\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-10-27T12:17:04.000000Z"}, {"uuid": "2fb3f391-12e7-4d88-838e-4be5fad925ce", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-34053", "type": "seen", "source": "https://t.me/ctinow/181028", "content": "https://ift.tt/6V9dKOG\nCVE-2023-34053 | Oracle Communications Network Analytics Data Director 23.2.0.0.2/23.3.0.0.0 Third Party denial of service", "creation_timestamp": "2024-02-07T23:16:41.000000Z"}, {"uuid": "7907cca7-529d-42f3-9066-7edf7272516c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-34055", "type": "seen", "source": "https://t.me/ctinow/181072", "content": "https://ift.tt/5DUZjza\nCVE-2023-34055 | Oracle Communications Cloud Native Core Console 23.3.1 Configuration denial of service", "creation_timestamp": "2024-02-08T01:26:07.000000Z"}, {"uuid": "162948c7-ea33-4607-b50f-26627d7f5160", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-34055", "type": "seen", "source": "https://t.me/ctinow/158080", "content": "https://ift.tt/IRd1Ljp\nCVE-2023-34055 Spring Boot Vulnerability in NetApp Products", "creation_timestamp": "2023-12-22T00:26:33.000000Z"}, {"uuid": "6ef70614-c1fc-4616-937d-cd1b9c8f9676", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-34055", "type": "seen", "source": "https://t.me/ctinow/181106", "content": "https://ift.tt/TkCJgLl\nCVE-2023-34055 | Oracle Communications Network Analytics Data Director 23.2.0.0.2/23.3.0.0.0 Third Party denial of service", "creation_timestamp": "2024-02-08T02:26:15.000000Z"}, {"uuid": "3deefe85-76e8-4e98-a923-037d26ab90c9", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-34050", "type": "published-proof-of-concept", "source": "https://t.me/CNArsenal/1431", "content": "https://blog.pyn3rd.com/2023/11/03/CVE-2023-34050-Spring-AMQP-Deserialization-Remote-Code-Execution", "creation_timestamp": "2023-11-04T05:18:38.000000Z"}, {"uuid": "cfc02099-72ee-4df9-a7b8-54e66360abff", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-34051", "type": "published-proof-of-concept", "source": "https://t.me/CyberSecurityTechnologies/9238", "content": "#exploit\n1. CVE-2023-34051:\nVMware Aria Operations for Logs - authentication bypass\nhttps://github.com/horizon3ai/CVE-2023-34051\n\n2. CVE-2023-28432:\nMinIO information disclosure\nhttps://github.com/yTxZx/CVE-2023-28432", "creation_timestamp": "2023-10-21T17:07:26.000000Z"}, {"uuid": "954e7557-8784-41fd-bc8e-c75c7d0d6dec", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-34051", "type": "published-proof-of-concept", "source": "Telegram/E_yspdvD2OkGzVpTzZE5pT7_xF8O16klvXLRVGJdEx8V", "content": "", "creation_timestamp": "2023-10-22T23:08:41.000000Z"}, {"uuid": "e198f654-bcd0-47b9-a5bf-3d311af28329", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-34050", "type": "published-proof-of-concept", "source": "https://t.me/CyberSecurityTechnologies/9322", "content": "#exploit\n1. CVE-2023-34050:\nSpring AMQP Deserialization RCE\nhttps://blog.pyn3rd.com/2023/11/03/CVE-2023-34050-Spring-AMQP-Deserialization-Remote-Code-Execution\n\n2. CVE-2023-20273:\nIOS XE root priv escalation\nhttps://blog.leakix.net/2023/10/cisco-root-privesc\n\n3. Stealing OAuth tokens of connected MS accounts via open redirect in Harvest App\nhttps://eval.blog/research/microsoft-account-token-leaks-in-harvest", "creation_timestamp": "2023-11-04T18:42:20.000000Z"}, {"uuid": "62d50ad8-f475-4780-9b0f-dc1e30fea4e9", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-34051", "type": "exploited", "source": "https://t.me/true_secator/5005", "content": "VMware \u043f\u0440\u0435\u0434\u0443\u043f\u0440\u0435\u0436\u0434\u0430\u0435\u0442 \u043e\u0431 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 \u043e\u0431\u0445\u043e\u0434\u0430 \u0430\u0443\u0442\u0435\u043d\u0442\u0438\u0444\u0438\u043a\u0430\u0446\u0438\u0438 \u0432 vRealize Log Insight (VMware Aria Operations for Logs), \u0434\u043b\u044f \u043a\u043e\u0442\u043e\u0440\u043e\u0439 \u0443\u0436\u0435 \u0434\u043e\u0441\u0442\u0443\u043f\u0435\u043d PoC.\n\n\u041e\u0442\u0441\u043b\u0435\u0436\u0438\u0432\u0430\u0435\u043c\u0430\u044f \u043a\u0430\u043a\u00a0CVE-2023-34051, \u043f\u0440\u043e\u0431\u043b\u0435\u043c\u0430 \u043f\u043e\u0437\u0432\u043e\u043b\u044f\u0435\u0442 \u043d\u0435\u0430\u0443\u0442\u0435\u043d\u0442\u0438\u0444\u0438\u0446\u0438\u0440\u043e\u0432\u0430\u043d\u043d\u044b\u043c \u0437\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a\u0430\u043c \u0443\u0434\u0430\u043b\u0435\u043d\u043d\u043e \u0432\u044b\u043f\u043e\u043b\u043d\u044f\u0442\u044c \u043a\u043e\u0434 \u0441 \u043f\u0440\u0430\u0432\u0430\u043c\u0438 root \u043f\u0440\u0438 \u0441\u043e\u0431\u043b\u044e\u0434\u0435\u043d\u0438\u0438 \u043e\u043f\u0440\u0435\u0434\u0435\u043b\u0435\u043d\u043d\u044b\u0445 \u0443\u0441\u043b\u043e\u0432\u0438\u0439.\n\n\u041f\u043e \u0441\u043b\u043e\u0432\u0430\u043c \u0438\u0441\u0441\u043b\u0435\u0434\u043e\u0432\u0430\u0442\u0435\u043b\u0435\u0439 Horizon3, \u043e\u0431\u043d\u0430\u0440\u0443\u0436\u0438\u0432\u0448\u0438\u0445 \u043e\u0448\u0438\u0431\u043a\u0443, \u0443\u0441\u043f\u0435\u0448\u043d\u0430\u044f \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0430\u0446\u0438\u044f \u0437\u0430\u0432\u0438\u0441\u0438\u0442 \u043e\u0442 \u0440\u0430\u0437\u0440\u0435\u0448\u0435\u043d\u0438\u0439 \u043d\u0430 \u0434\u043e\u0431\u0430\u0432\u043b\u0435\u043d\u0438\u0435 \u0434\u043e\u043f\u043e\u043b\u043d\u0438\u0442\u0435\u043b\u044c\u043d\u043e\u0433\u043e \u0438\u043d\u0442\u0435\u0440\u0444\u0435\u0439\u0441\u0430 \u0438\u043b\u0438 \u0441\u0442\u0430\u0442\u0438\u0447\u0435\u0441\u043a\u043e\u0433\u043e IP-\u0430\u0434\u0440\u0435\u0441\u0430.\n\nHorizon3 \u043f\u0440\u0435\u0434\u0441\u0442\u0430\u0432\u0438\u043b\u0430\u00a0\u0442\u0435\u0445\u043d\u0438\u0447\u0435\u0441\u043a\u0438\u0439 \u0430\u043d\u0430\u043b\u0438\u0437 \u043f\u0440\u0438\u0447\u0438\u043d\u00a0\u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 \u0441 \u0434\u043e\u043f\u043e\u043b\u043d\u0438\u0442\u0435\u043b\u044c\u043d\u043e\u0439 \u0438\u043d\u0444\u043e\u0440\u043c\u0430\u0446\u0438\u0435\u0439 \u043e \u0442\u043e\u043c, \u043a\u0430\u043a \u043c\u043e\u0436\u043d\u043e \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u0442\u044c CVE-2023-34051 \u0434\u043b\u044f RCE \u0441 \u043f\u0440\u0430\u0432\u0430\u043c\u0438 root \u043d\u0430 \u043d\u0435\u043f\u0440\u043e\u043f\u0430\u0442\u0447\u0435\u043d\u043d\u044b\u0445 \u0443\u0441\u0442\u0440\u043e\u0439\u0441\u0442\u0432\u0430\u0445 VMware.\n\n\u0418\u0441\u0441\u043b\u0435\u0434\u043e\u0432\u0430\u0442\u0435\u043b\u0438 \u0442\u0430\u043a\u0436\u0435 \u043e\u043f\u0443\u0431\u043b\u0438\u043a\u043e\u0432\u0430\u043b\u0438\u00a0PoC-\u044d\u043a\u0441\u043f\u043b\u043e\u0439\u0442\u00a0\u0438 \u0441\u043f\u0438\u0441\u043e\u043a IOC \u0434\u043b\u044f \u043e\u0431\u043d\u0430\u0440\u0443\u0436\u0435\u043d\u0438\u044f \u043f\u043e\u043f\u044b\u0442\u043e\u043a \u0432\u0437\u043b\u043e\u043c\u0430.\n\n\u0410\u043d\u043e\u043d\u0441\u0438\u0440\u043e\u0432\u0430\u043d\u043d\u044b\u0439 \u044d\u043a\u0441\u043f\u043b\u043e\u0439\u0442 \u0437\u043b\u043e\u0443\u043f\u043e\u0442\u0440\u0435\u0431\u043b\u044f\u0435\u0442 \u043f\u043e\u0434\u043c\u0435\u043d\u043e\u0439 IP-\u0430\u0434\u0440\u0435\u0441\u0430 \u0438 \u0440\u0430\u0437\u043b\u0438\u0447\u043d\u044b\u043c\u0438  \u043a\u043e\u043d\u0435\u0447\u043d\u044b\u043c\u0438 \u0442\u043e\u0447\u043a\u0430\u043c\u0438 Thrift RPC \u0434\u043b\u044f \u043f\u0440\u043e\u0438\u0437\u0432\u043e\u043b\u044c\u043d\u043e\u0439 \u0437\u0430\u043f\u0438\u0441\u0438 \u0444\u0430\u0439\u043b\u043e\u0432.\n\n\u041a\u043e\u043d\u0444\u0438\u0433\u0443\u0440\u0430\u0446\u0438\u044f \u044d\u0442\u043e\u0439 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 \u043f\u043e \u0443\u043c\u043e\u043b\u0447\u0430\u043d\u0438\u044e \u0437\u0430\u043f\u0438\u0441\u044b\u0432\u0430\u0435\u0442 \u0437\u0430\u0434\u0430\u043d\u0438\u0435 cron \u0434\u043b\u044f \u0441\u043e\u0437\u0434\u0430\u043d\u0438\u044f \u043e\u0431\u0440\u0430\u0442\u043d\u043e\u0439 \u043e\u0431\u043e\u043b\u043e\u0447\u043a\u0438, \u0432 \u0441\u0432\u044f\u0437\u0438 \u0441 \u0447\u0435\u043c \u0441\u043b\u0435\u0434\u0443\u0435\u0442 \u0438\u0437\u043c\u0435\u043d\u0438\u0442\u044c \u0444\u0430\u0439\u043b \u043f\u043e\u043b\u0435\u0437\u043d\u044b\u0445 \u0434\u0430\u043d\u043d\u044b\u0445 \u0432 \u0441\u043e\u043e\u0442\u0432\u0435\u0442\u0441\u0442\u0432\u0438\u0438 \u0441\u043e \u0441\u0440\u0435\u0434\u043e\u0439.\n\n\u0427\u0442\u043e\u0431\u044b \u044d\u0442\u0430 \u0430\u0442\u0430\u043a\u0430 \u0441\u0440\u0430\u0431\u043e\u0442\u0430\u043b\u0430, \u0437\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a \u0434\u043e\u043b\u0436\u0435\u043d \u0438\u043c\u0435\u0442\u044c \u0442\u043e\u0442 \u0436\u0435 IP-\u0430\u0434\u0440\u0435\u0441, \u0447\u0442\u043e \u0438 \u0433\u043b\u0430\u0432\u043d\u044b\u0439/\u0440\u0430\u0431\u043e\u0447\u0438\u0439 \u0443\u0437\u0435\u043b.\n\n\u042d\u0442\u0430 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u043f\u043e \u0441\u0443\u0442\u0438 \u0442\u0430\u043a\u0436\u0435 \u044f\u0432\u043b\u044f\u0435\u0442\u0441\u044f \u043e\u0431\u0445\u043e\u0434\u043e\u043c\u00a0\u0446\u0435\u043f\u043e\u0447\u043a\u0438 \u043a\u0440\u0438\u0442\u0438\u0447\u0435\u0441\u043a\u0438\u0445 \u043e\u0448\u0438\u0431\u043e\u043a,\u00a0\u0438\u0441\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u043d\u044b\u0445 VMware \u0432 \u044f\u043d\u0432\u0430\u0440\u0435, \u0438 \u043f\u043e\u0437\u0432\u043e\u043b\u044f\u0435\u0442 \u043f\u043e\u043b\u0443\u0447\u0438\u0442\u044c RCE.\n\n\u041f\u0435\u0440\u0432\u0430\u044f (CVE-2022-31706) - \u044d\u0442\u043e \u043e\u0448\u0438\u0431\u043a\u0430 \u043e\u0431\u0445\u043e\u0434\u0430 \u043a\u0430\u0442\u0430\u043b\u043e\u0433\u0430, \u0432\u0442\u043e\u0440\u0430\u044f (CVE-2022-31704) - \u043d\u0430\u0440\u0443\u0448\u0435\u043d\u0438\u0435 \u043a\u043e\u043d\u0442\u0440\u043e\u043b\u044f \u0434\u043e\u0441\u0442\u0443\u043f\u0430, \u0430 \u0442\u0440\u0435\u0442\u044c\u044f \u2014 \u043e\u0448\u0438\u0431\u043a\u0430 \u0440\u0430\u0441\u043a\u0440\u044b\u0442\u0438\u044f \u0438\u043d\u0444\u043e\u0440\u043c\u0430\u0446\u0438\u0438 (CVE-2022-31711).\n\n\u0417\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a\u0438 \u043c\u043e\u0433\u0443\u0442 \u043e\u0431\u044a\u0435\u0434\u0438\u043d\u0438\u0442\u044c \u044d\u0442\u0438 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 (\u0432 \u0441\u043e\u0432\u043e\u043a\u0443\u043f\u043d\u043e\u0441\u0442\u0438 \u043e\u0442\u0441\u043b\u0435\u0436\u0438\u0432\u0430\u0435\u043c\u044b\u0435 VMware \u043a\u0430\u043a\u00a0VMSA-2023-0001) \u0434\u043b\u044f \u0432\u043d\u0435\u0434\u0440\u0435\u043d\u0438\u044f \u0432\u0440\u0435\u0434\u043e\u043d\u043e\u0441\u043d\u043e \u0441\u043e\u0437\u0434\u0430\u043d\u043d\u044b\u0445 \u0444\u0430\u0439\u043b\u043e\u0432 \u0432 \u041e\u0421 \u0443\u0441\u0442\u0440\u043e\u0439\u0441\u0442\u0432, \u043d\u0430 \u043a\u043e\u0442\u043e\u0440\u044b\u0445 \u0443\u0441\u0442\u0430\u043d\u043e\u0432\u043b\u0435\u043d\u043e \u043d\u0435\u043f\u0440\u043e\u043f\u0430\u0442\u0447\u0435\u043d\u043d\u043e\u0435 \u041f\u041e Aria Operations for Logs.\n\n\u0422\u043e\u0433\u0434\u0430 \u0447\u0435\u0440\u0435\u0437 \u043d\u0435\u0434\u0435\u043b\u044e \u043f\u043e\u0441\u043b\u0435 \u0438\u0441\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u0438\u044f VMSA-2023-0001 Horizon3 \u0432\u044b\u043f\u0443\u0441\u0442\u0438\u043b\u0430 PoC-\u044d\u043a\u0441\u043f\u043b\u043e\u0439\u0442, \u0437\u043b\u043e\u0443\u043f\u043e\u0442\u0440\u0435\u0431\u043b\u044f\u044e\u0449\u0438\u0439 \u0440\u0430\u0437\u043b\u0438\u0447\u043d\u044b\u043c\u0438 \u043a\u043e\u043d\u0435\u0447\u043d\u044b\u043c\u0438 \u0442\u043e\u0447\u043a\u0430\u043c\u0438 Thrift RPC \u0434\u043b\u044f \u0434\u043e\u0441\u0442\u0438\u0436\u0435\u043d\u0438\u044f \u043f\u0440\u043e\u0438\u0437\u0432\u043e\u043b\u044c\u043d\u043e\u0439 \u0437\u0430\u043f\u0438\u0441\u0438 \u0444\u0430\u0439\u043b\u043e\u0432.\n\n\u042d\u0442\u0443 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u043b\u0435\u0433\u043a\u043e \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u0442\u044c, \u043e\u0434\u043d\u0430\u043a\u043e \u043e\u043d\u0430 \u0442\u0440\u0435\u0431\u0443\u0435\u0442 \u043e\u0442 \u0437\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a\u0430 \u043e\u043f\u0440\u0435\u0434\u0435\u043b\u0435\u043d\u043d\u043e\u0439 \u043d\u0430\u0441\u0442\u0440\u043e\u0439\u043a\u0438 \u0438\u043d\u0444\u0440\u0430\u0441\u0442\u0440\u0443\u043a\u0442\u0443\u0440\u044b \u0434\u043b\u044f \u043e\u0431\u0441\u043b\u0443\u0436\u0438\u0432\u0430\u043d\u0438\u044f \u0432\u0440\u0435\u0434\u043e\u043d\u043e\u0441\u043d\u043e\u0439 \u043f\u043e\u043b\u0435\u0437\u043d\u043e\u0439 \u043d\u0430\u0433\u0440\u0443\u0437\u043a\u0438.\n\n\u041a\u0440\u043e\u043c\u0435 \u0442\u043e\u0433\u043e, \u043f\u043e\u0441\u043a\u043e\u043b\u044c\u043a\u0443 \u044d\u0442\u043e\u0442 \u043f\u0440\u043e\u0434\u0443\u043a\u0442 \u0432\u0440\u044f\u0434 \u043b\u0438 \u0434\u043e\u0441\u0442\u0443\u043f\u0435\u043d \u0432 \u0418\u043d\u0442\u0435\u0440\u043d\u0435\u0442\u0435, \u0437\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a \u0434\u043e\u043b\u0436\u0435\u043d \u0431\u0443\u0434\u0435\u0442 \u0441\u043d\u0430\u0447\u0430\u043b\u0430 \u0437\u0430\u043a\u0440\u0435\u043f\u0438\u0442\u044c\u0441\u044f \u0433\u0434\u0435-\u0442\u043e \u0432 \u0441\u0435\u0442\u0438.\n\n\u041d\u043e \u0437\u0430\u0447\u0430\u0441\u0442\u0443\u044e \u0437\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a\u0438 \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u0443\u044e\u0442 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 \u0432 \u0440\u0430\u043d\u0435\u0435 \u0441\u043a\u043e\u043c\u043f\u0440\u043e\u043c\u0435\u0442\u0438\u0440\u043e\u0432\u0430\u043d\u043d\u044b\u0445 \u0441\u0435\u0442\u044f\u0445 \u0434\u043b\u044f \u0433\u043e\u0440\u0438\u0437\u043e\u043d\u0442\u0430\u043b\u044c\u043d\u043e\u0433\u043e \u043f\u0435\u0440\u0435\u043c\u0435\u0449\u0435\u043d\u0438\u044f, \u0447\u0442\u043e \u0434\u0435\u043b\u0430\u0435\u0442 \u0443\u044f\u0437\u0432\u0438\u043c\u044b\u0435 \u0443\u0441\u0442\u0440\u043e\u0439\u0441\u0442\u0432\u0430 VMware \u0446\u0435\u043d\u043d\u044b\u043c\u0438 \u0432\u043d\u0443\u0442\u0440\u0435\u043d\u043d\u0438\u043c\u0438 \u0446\u0435\u043b\u044f\u043c\u0438.", "creation_timestamp": "2023-10-25T13:20:05.000000Z"}, {"uuid": "5e8d33ce-2bc0-4b58-a3af-caaa54dad80b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-34051", "type": "published-proof-of-concept", "source": "https://t.me/Rootsec_2/1453", "content": "#exploit\n1. CVE-2023-34051:\nVMware Aria Operations for Logs - authentication bypass\nhttps://github.com/horizon3ai/CVE-2023-34051\n\n2. CVE-2023-28432:\nMinIO information disclosure\nhttps://github.com/yTxZx/CVE-2023-28432", "creation_timestamp": "2024-08-16T08:37:53.000000Z"}, {"uuid": "817377ee-78ac-43a1-8f68-32bcc630c1fb", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-34051", "type": "published-proof-of-concept", "source": "https://t.me/Rootsec_2/1449", "content": "CVE-2023-34051 : VMware Aria Operations for Logs\u00a0 - Authentication Bypass\n\nPOC : https://github.com/horizon3ai/CVE-2023-34051\n\nTechnical Analysis : https://www.horizon3.ai/vmware-aria-operations-for-logs-cve-2023-34051-technical-deep-dive\n\nIndicators of Compromise : https://www.horizon3.ai/vmware-vrealize-cve-2022-31706-iocs/", "creation_timestamp": "2024-08-16T08:37:52.000000Z"}, {"uuid": "8643463c-03d7-4ed2-9114-ec8df8fe795a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-34050", "type": "seen", "source": "https://t.me/Rootsec_2/1630", "content": "#exploit\n1. CVE-2023-34050:\nSpring AMQP Deserialization RCE\nhttps://blog.pyn3rd.com/2023/11/03/CVE-2023-34050-Spring-AMQP-Deserialization-Remote-Code-Execution\n\n2. CVE-2023-20273:\nIOS XE root priv escalation\nhttps://blog.leakix.net/2023/10/cisco-root-privesc\n\n3. Stealing OAuth tokens of connected MS accounts via open redirect in Harvest App\nhttps://eval.blog/research/microsoft-account-token-leaks-in-harvest", "creation_timestamp": "2024-08-16T08:43:29.000000Z"}]}