{"vulnerability": "CVE-2023-3750", "sightings": [{"uuid": "8b410002-d278-496b-bd53-04006e7d488f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-37504", "type": "seen", "source": "https://t.me/cibsecurity/72547", "content": "\u203c CVE-2023-37504 \u203c\n\nHCL Compass is vulnerable to failure to invalidate sessions. The application does not invalidate authenticated sessions when the log out functionality is called. \u00c2\u00a0If the session identifier can be discovered, it could be replayed to the application and used to impersonate the user.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-10-19T07:34:12.000000Z"}, {"uuid": "e3ecb9b8-105a-445b-8016-c0e8b9e37447", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-3750", "type": "seen", "source": "https://t.me/arpsyndicate/4641", "content": "#ExploitObserverAlert\n\nCVE-2023-3750\n\nDESCRIPTION: Exploit Observer has 13 entries in 3 file formats related to CVE-2023-3750. A flaw was found in libvirt. The virStoragePoolObjListSearch function does not return a locked pool as expected, resulting in a race condition and denial of service when attempting to lock the same object from another thread. This issue could allow clients connecting to the read-only socket to crash the libvirt daemon.\n\nFIRST-EPSS: 0.000680000\nNVD-IS: 3.6\nNVD-ES: 1.6\nARPS-EXPLOITABILITY: 0.6913015", "creation_timestamp": "2024-04-13T11:55:11.000000Z"}, {"uuid": "7bd342d3-2cf0-49f5-b06c-614ae172d9fe", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-37503", "type": "seen", "source": "https://t.me/cibsecurity/72544", "content": "\u203c CVE-2023-37503 \u203c\n\nHCL Compass is vulnerable to insecure password requirements. An attacker could easily guess the password and gain access to user accounts.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-10-19T07:34:08.000000Z"}, {"uuid": "220817f0-7efe-4d25-9423-aac1adb9703a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-3750", "type": "seen", "source": "https://t.me/cibsecurity/67168", "content": "\u203c CVE-2023-3750 \u203c\n\nA flaw was found in libvirt. The virStoragePoolObjListSearch function does not return a locked pool as expected, resulting in a race condition and denial of service when attempting to lock the same object from another thread. This issue could allow clients connecting to the read-only socket to crash the libvirt daemon.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-07-24T20:26:24.000000Z"}]}