{"vulnerability": "CVE-2023-3421", "sightings": [{"uuid": "a986343d-ac2e-44aa-9ff8-160f87328a98", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-34212", "type": "published-proof-of-concept", "source": "https://t.me/cKure/12009", "content": "\u25a0\u25a0\u25a1\u25a1\u25a1 Apache NiFi - CVE-2023-34212\n\nhttps://github.com/mbadanoiu/CVE-2023-34212/blob/main/Apache%20NiFi%20-%20CVE-2023-34212.pdf", "creation_timestamp": "2023-11-25T22:51:37.000000Z"}, {"uuid": "c5b2a073-aefa-4516-aeef-006f7c245971", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-34212", "type": "published-proof-of-concept", "source": "https://t.me/GithubRedTeam/5953", "content": "GitHub\u76d1\u63a7\u6d88\u606f\u63d0\u9192\uff01\uff01\uff01 \n\n\u66f4\u65b0\u4e86\uff1aCVE-2023\n\u63cf\u8ff0\uff1aCVE-2023-34212: Java Deserialization via JNDI Components in Apache NiFi\nURL\uff1ahttps://github.com/mbadanoiu/CVE-2023-34212\n\n\u6807\u7b7e\uff1a#CVE-2023", "creation_timestamp": "2023-11-25T13:02:12.000000Z"}, {"uuid": "671c1ba9-c898-4c45-aa3f-6f8beebcdd13", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-34218", "type": "seen", "source": "https://t.me/DarkWebInformer_CVEAlerts/1073", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2023-34218\n\ud83d\udd39 Description: In JetBrains TeamCity before 2023.05 bypass of permission checks allowing to perform admin actions was possible\n\ud83d\udccf Published: 2023-05-31T13:03:12.814Z\n\ud83d\udccf Modified: 2025-01-09T20:54:20.791Z\n\ud83d\udd17 References:\n1. https://www.jetbrains.com/privacy-security/issues-fixed/", "creation_timestamp": "2025-01-09T21:15:39.000000Z"}, {"uuid": "91d3af78-32d4-4eb1-a591-c568b18a9707", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-34219", "type": "seen", "source": "https://t.me/DarkWebInformer_CVEAlerts/1079", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2023-34219\n\ud83d\udd39 Description: In JetBrains TeamCity before 2023.05 improper permission checks allowed users without appropriate permissions to edit Build Configuration settings via REST API\n\ud83d\udccf Published: 2023-05-31T13:03:13.367Z\n\ud83d\udccf Modified: 2025-01-09T20:33:32.302Z\n\ud83d\udd17 References:\n1. https://www.jetbrains.com/privacy-security/issues-fixed/", "creation_timestamp": "2025-01-09T21:16:09.000000Z"}, {"uuid": "f599c664-d695-4e9d-8f38-2b3d92bc7923", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-34212", "type": "seen", "source": "https://t.me/arpsyndicate/894", "content": "#ExploitObserverAlert\n\nCVE-2023-34212\n\nDESCRIPTION: Exploit Observer has 3 entries related to CVE-2023-34212. The JndiJmsConnectionFactoryProvider Controller Service, along with the ConsumeJMS and PublishJMS Processors, in Apache NiFi 1.8.0 through 1.21.0 allow an authenticated and authorized user to configure URL and library properties that enable deserialization of untrusted data from a remote location.  The resolution validates the JNDI URL and restricts locations to a set of allowed schemes.  You are recommended to upgrade to version 1.22.0 or later which fixes this issue.\n\nFIRST-EPSS: 0.000910000\nNVD-IS: 3.6\nNVD-ES: 2.8", "creation_timestamp": "2023-12-02T03:50:16.000000Z"}, {"uuid": "a0564e74-6a2d-4d3a-ac48-20d8925ac483", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-34212", "type": "published-proof-of-concept", "source": "https://t.me/CyberSecurityTechnologies/9462", "content": "#Threat_Research\n\"Java Deserialization via JNDI Components in Apache NiFi (CVE-2023-34212)\",  2023.\n]-> https://github.com/mbadanoiu/CVE-2023-34212", "creation_timestamp": "2023-11-27T10:21:31.000000Z"}, {"uuid": "f2ea0212-5ce4-46b0-9f6a-6f79d6489719", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-34215", "type": "seen", "source": "https://t.me/cibsecurity/68722", "content": "\u203c CVE-2023-34215 \u203c\n\nTN-5900 Series firmware versions v3.3 and prior are vulnerable to the command-injection vulnerability. This vulnerability stems from insufficient input validation and improper authentication in the certification-generation function, which could potentially allow malicious users to execute remote code on affected devices.\u00c2\u00a0\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-08-17T12:41:30.000000Z"}, {"uuid": "f98e8f1f-e54d-4048-8f6f-ce6c3b83fcd0", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-34216", "type": "seen", "source": "https://t.me/cibsecurity/68731", "content": "\u203c CVE-2023-34216 \u203c\n\nTN-4900 Series firmware versions v1.2.4 and prior and TN-5900 Series firmware versions v3.3 and prior are vulnerable to the command-injection vulnerability. This vulnerability derives from insufficient input validation in the key-delete function, which could potentially allow malicious users to delete arbitrary files.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-08-17T12:37:17.000000Z"}, {"uuid": "efc023fa-8882-4154-b1f9-51d7eaa379ea", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-34217", "type": "seen", "source": "https://t.me/cibsecurity/68725", "content": "\u203c CVE-2023-34217 \u203c\n\nTN-4900 Series firmware versions v1.2.4 and prior and TN-5900 Series firmware versions v3.3 and prior are vulnerable to the command-injection vulnerability. This vulnerability stems from insufficient input validation in the certificate-delete function, which could potentially allow malicious users to delete arbitrary files.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-08-17T12:37:11.000000Z"}, {"uuid": "772898e6-ab9b-41d6-8a97-27abab8d9cd2", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-34212", "type": "published-proof-of-concept", "source": "https://t.me/Rootsec_2/2099", "content": "#Threat_Research\n\"Java Deserialization via JNDI Components in Apache NiFi (CVE-2023-43212)\",  2023.\n]-> https://github.com/mbadanoiu/CVE-2023-34212", "creation_timestamp": "2024-08-16T08:52:58.000000Z"}]}