{"vulnerability": "CVE-2024-2050", "sightings": [{"uuid": "c23ad1bd-54bc-4314-8813-50d16b2ed8d2", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-20504", "type": "seen", "source": "https://infosec.exchange/users/cve/statuses/113437017796621694", "content": "", "creation_timestamp": "2024-11-06T16:45:36.451943Z"}, {"uuid": "cd67fb9d-7898-4b90-a82c-27d3464742e8", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-20507", "type": "seen", "source": "https://infosec.exchange/users/cve/statuses/113437017811180962", "content": "", "creation_timestamp": "2024-11-06T16:45:36.594669Z"}, {"uuid": "775e6558-5f20-4068-9eb9-0497862f2ab3", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-20504", "type": "seen", "source": "https://infosec.exchange/users/screaminggoat/statuses/113442108664352339", "content": "", "creation_timestamp": "2024-11-07T14:20:08.092031Z"}, {"uuid": "289911a0-376a-43e5-a9b5-902c1d99387d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-20507", "type": "seen", "source": "https://infosec.exchange/users/screaminggoat/statuses/113442108664352339", "content": "", "creation_timestamp": "2024-11-07T14:20:08.118398Z"}, {"uuid": "3b989a25-8dbf-4def-a6f0-2f78f79cd054", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-20504", "type": "seen", "source": "https://infosec.exchange/users/screaminggoat/statuses/113442108664352339", "content": "", "creation_timestamp": "2024-11-07T14:20:08.546587Z"}, {"uuid": "bbe94a43-e948-4d60-b610-21a6e8f33341", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-20507", "type": "seen", "source": "https://infosec.exchange/users/screaminggoat/statuses/113442108664352339", "content": "", "creation_timestamp": "2024-11-07T14:20:08.575489Z"}, {"uuid": "9825a7e1-0a34-424b-8814-8bdf1558bef9", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-20504", "type": "seen", "source": "https://infosec.exchange/users/screaminggoat/statuses/113442108664352339", "content": "", "creation_timestamp": "2024-11-07T14:20:08.822692Z"}, {"uuid": "7d890f02-9126-41dc-811e-b4b23179503c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-20507", "type": "seen", "source": "https://t.me/cvedetector/10030", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2024-20507 - Cisco Meeting Management Cleartext Data Exposure Vulnerability\", \n  \"Content\": \"CVE ID : CVE-2024-20507 \nPublished : Nov. 6, 2024, 5:15 p.m. | 36\u00a0minutes ago \nDescription : A vulnerability in the logging subsystem of Cisco Meeting Management could allow an authenticated, remote attacker to view sensitive information in clear text on an affected system.  \n  \nThis vulnerability is due to improper storage of sensitive information within the web-based management interface of an affected device. An attacker could exploit this vulnerability by logging in to the web-based management interface. A successful exploit could allow the attacker to view sensitive data that is stored on the affected device. \nSeverity: 4.3 | MEDIUM \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"06 Nov 2024\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2024-11-06T19:10:55.000000Z"}, {"uuid": "8649b42f-4314-45c0-9719-dac0ee857075", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-20504", "type": "seen", "source": "https://t.me/cvedetector/10029", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2024-20504 - Cisco AsyncOS Stored XSS Vulnerability in Cisco Secure Email and Web Manager\", \n  \"Content\": \"CVE ID : CVE-2024-20504 \nPublished : Nov. 6, 2024, 5:15 p.m. | 36\u00a0minutes ago \nDescription : A vulnerability in the web-based management interface of Cisco AsyncOS Software for Cisco Secure Email and Web Manager, Secure Email Gateway, and Secure Web Appliance could allow an authenticated, remote attacker to conduct a stored cross-site scripting (XSS) attack against a user of the interface.  \n  \nThis vulnerability is due to insufficient validation of user input. An attacker could exploit this vulnerability by persuading a user of an affected interface to click a crafted link. A successful exploit could allow the attacker to execute arbitrary script code in the context of the affected interface or access sensitive, browser-based information. \nSeverity: 5.4 | MEDIUM \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"06 Nov 2024\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2024-11-06T19:10:52.000000Z"}, {"uuid": "650d7d05-bb0e-4b95-9780-69bae2ab97c6", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-20508", "type": "seen", "source": "https://t.me/cvedetector/6336", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2024-20508 - Cisco Unified Threat Defense (UTD) Snort IPS Engine HTTP Request Validation Vulnerability\", \n  \"Content\": \"CVE ID : CVE-2024-20508 \nPublished : Sept. 25, 2024, 5:15 p.m. | 35\u00a0minutes ago \nDescription : A vulnerability in Cisco Unified Threat Defense (UTD) Snort Intrusion Prevention System (IPS) Engine for Cisco IOS XE Software could allow an unauthenticated, remote attacker to bypass configured security policies or cause a denial of service (DoS) condition on an affected device.  \n  \nThis vulnerability is due to insufficient validation of HTTP requests when they are processed by Cisco UTD Snort IPS Engine. An attacker could exploit this vulnerability by sending a crafted HTTP request through an affected device. A successful exploit could allow the attacker to trigger a reload of the Snort process.  If the action in case of Cisco UTD Snort IPS Engine failure is set to the default, fail-open, successful exploitation of this vulnerability could allow the attacker to bypass configured security policies. If the action in case of Cisco UTD Snort IPS Engine failure is set to fail-close, successful exploitation of this vulnerability could cause traffic that is configured to be inspected by Cisco UTD Snort IPS Engine to be dropped. \nSeverity: 5.8 | MEDIUM \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"25 Sep 2024\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2024-09-25T20:13:02.000000Z"}, {"uuid": "82ddb7d4-4e44-48f8-92bc-d7bbaf740f91", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-20509", "type": "seen", "source": "https://t.me/cvedetector/6872", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2024-20509 - Cisco AnyConnect VPN Server Critical Authentication Handler Guessing Remote Code Execution Vulnerability\", \n  \"Content\": \"CVE ID : CVE-2024-20509 \nPublished : Oct. 2, 2024, 7:15 p.m. | 44\u00a0minutes ago \nDescription : A vulnerability in the Cisco AnyConnect VPN server of Cisco Meraki MX and Cisco Meraki Z Series Teleworker Gateway devices could allow an unauthenticated, remote attacker to hijack an AnyConnect VPN session or cause a denial of service (DoS) condition for individual users of the AnyConnect VPN service on an affected device.  \n  \nThis vulnerability is due to weak entropy for handlers that are used during the VPN authentication process as well as a race condition that exists in the same process. An attacker could exploit this vulnerability by correctly guessing an authentication handler and then sending crafted HTTPS requests to an affected device. A successful exploit could allow the attacker to take over the AnyConnect VPN session from a target user or prevent the target user from establishing an AnyConnect VPN session with the affected device. \nSeverity: 5.8 | MEDIUM \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"02 Oct 2024\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2024-10-02T22:13:20.000000Z"}, {"uuid": "351b07c3-d337-4c6f-8314-4f15d9b5fd91", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-20502", "type": "seen", "source": "https://t.me/cvedetector/6871", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2024-20502 - Cisco AnyConnect VPN Server SSL VPN DoS\", \n  \"Content\": \"CVE ID : CVE-2024-20502 \nPublished : Oct. 2, 2024, 7:15 p.m. | 44\u00a0minutes ago \nDescription : A vulnerability in the Cisco AnyConnect VPN server of Cisco Meraki MX and Cisco Meraki Z Series Teleworker Gateway devices could allow an unauthenticated, remote attacker to cause a DoS condition on an affected device.  \n  \nThis vulnerability is due to insufficient resource management while establishing SSL VPN sessions. An attacker could exploit this vulnerability by sending a series of crafted HTTPS requests to the VPN server of an affected device. A successful exploit could allow the attacker to cause the Cisco AnyConnect VPN server to stop accepting new connections, preventing new SSL VPN connections from being established. Existing SSL VPN sessions are not impacted.  \nNote: When the attack traffic stops, the Cisco AnyConnect VPN server recovers gracefully without requiring manual intervention. \nSeverity: 5.8 | MEDIUM \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"02 Oct 2024\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2024-10-02T22:13:19.000000Z"}, {"uuid": "d71bc108-1eae-4ec8-a350-e3d2dfe11977", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-20501", "type": "seen", "source": "https://t.me/cvedetector/6870", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2024-20501 - Cisco AnyConnect VPN Remote Denial of Service (DoS)\", \n  \"Content\": \"CVE ID : CVE-2024-20501 \nPublished : Oct. 2, 2024, 7:15 p.m. | 44\u00a0minutes ago \nDescription : Multiple vulnerabilities in the Cisco AnyConnect VPN server of Cisco Meraki MX and Cisco Meraki Z Series Teleworker Gateway devices could allow an unauthenticated, remote attacker to cause a DoS condition in the AnyConnect service on an affected device.  \n  \nThese vulnerabilities are due to insufficient validation of client-supplied parameters while establishing an SSL VPN session. An attacker could exploit these vulnerabilities by sending a crafted HTTPS request to the VPN server of an affected device. A successful exploit could allow the attacker to cause the Cisco AnyConnect VPN server to restart, resulting in the failure of the established SSL VPN connections and forcing remote users to initiate a new VPN connection and reauthenticate. A sustained attack could prevent new SSL VPN connections from being established.  \nNote: When the attack traffic stops, the Cisco AnyConnect VPN server recovers gracefully without requiring manual intervention. \nSeverity: 8.6 | HIGH \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"02 Oct 2024\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2024-10-02T22:13:18.000000Z"}, {"uuid": "75bf982d-7a20-4477-8b29-938ff49ef35d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-20500", "type": "seen", "source": "https://t.me/cvedetector/6869", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2024-20500 - Cisco AnyConnect VPN Denial of Service Due to Insufficient TLS/SSL Resource Management\", \n  \"Content\": \"CVE ID : CVE-2024-20500 \nPublished : Oct. 2, 2024, 7:15 p.m. | 44\u00a0minutes ago \nDescription : A vulnerability in the Cisco AnyConnect VPN server of Cisco Meraki MX and Cisco Meraki Z Series Teleworker Gateway devices could allow an unauthenticated, remote attacker to cause a DoS condition in the AnyConnect service on an affected device.  \n  \nThis vulnerability is due to insufficient resource management when establishing TLS/SSL sessions. An attacker could exploit this vulnerability by sending a series of crafted TLS/SSL messages to the VPN server of an affected device. A successful exploit could allow the attacker to cause the Cisco AnyConnect VPN server to stop accepting new connections, preventing new SSL VPN connections from being established. Existing SSL VPN sessions are not impacted.  \nNote: When the attack traffic stops, the Cisco AnyConnect VPN server recovers gracefully without requiring manual intervention. \nSeverity: 5.8 | MEDIUM \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"02 Oct 2024\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2024-10-02T22:13:17.000000Z"}, {"uuid": "55f6bed9-8408-4e62-944a-f201399ce776", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-2050", "type": "seen", "source": "https://t.me/ctinow/210764", "content": "https://ift.tt/k6rSpn2\nCVE-2024-2050", "creation_timestamp": "2024-03-18T17:27:04.000000Z"}, {"uuid": "3c7c9949-cb29-4cfd-8f3a-d3291337deec", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-20505", "type": "seen", "source": "https://t.me/cvedetector/4875", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2024-20505 - ClamAV PDF Parsing Out-of-Bounds Read Denial of Service\", \n  \"Content\": \"CVE ID : CVE-2024-20505 \nPublished : Sept. 4, 2024, 10:15 p.m. | 38\u00a0minutes ago \nDescription : A vulnerability in the PDF parsing module of Clam AntiVirus (ClamAV) versions 1.4.0, 1.3.2 and prior versions, all 1.2.x versions, 1.0.6 and prior versions, all 0.105.x versions, all 0.104.x versions, and 0.103.11 and all prior versions could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on an affected device.  \n  \nThe vulnerability is due to an out of bounds read. An attacker could exploit this vulnerability by submitting a crafted PDF file to be scanned by ClamAV on an affected device. An exploit could allow the attacker to terminate the scanning process. \nSeverity: 4.0 | MEDIUM \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"05 Sep 2024\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2024-09-05T01:18:34.000000Z"}, {"uuid": "7a6b70ba-f6ee-40b4-8fa1-b74a15720227", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-20506", "type": "seen", "source": "https://t.me/cvedetector/4874", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2024-20506 - ClamAV ClamD Symlink File Corruption Vulnerability\", \n  \"Content\": \"CVE ID : CVE-2024-20506 \nPublished : Sept. 4, 2024, 10:15 p.m. | 38\u00a0minutes ago \nDescription : A vulnerability in the ClamD service module of Clam AntiVirus (ClamAV) versions 1.4.0, 1.3.2 and prior versions, all 1.2.x versions, 1.0.6 and prior versions, all 0.105.x versions, all 0.104.x versions, and 0.103.11 and all prior versions could allow an authenticated, local attacker to corrupt critical system files.  \n  \nThe vulnerability is due to allowing the ClamD process to write to its log file while privileged without checking if the logfile has been replaced with a symbolic link. An attacker could exploit this vulnerability if they replace the ClamD log file with a symlink to a critical system file and then find a way to restart the ClamD process. An exploit could allow the attacker to corrupt a critical system file by appending ClamD log messages after restart. \nSeverity: 6.1 | MEDIUM \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"05 Sep 2024\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2024-09-05T01:18:33.000000Z"}, {"uuid": "3378c89e-708a-47fe-a420-345af95aa51a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-20503", "type": "seen", "source": "https://t.me/cvedetector/4819", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2024-20503 - \"Cisco Duo Epic for Hyperdrive Cleartext Registry Key Exposure Vulnerability\"\", \n  \"Content\": \"CVE ID : CVE-2024-20503 \nPublished : Sept. 4, 2024, 5:15 p.m. | 36\u00a0minutes ago \nDescription : A vulnerability in Cisco Duo Epic for Hyperdrive could allow an authenticated, local attacker to view sensitive information in cleartext on an affected system.  \n  \nThis vulnerability is due to improper storage of an unencrypted registry key. A low-privileged attacker could exploit this vulnerability by viewing or querying the registry key on the affected system. A successful exploit could allow the attacker to view sensitive information in cleartext. \nSeverity: 5.5 | MEDIUM \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"04 Sep 2024\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2024-09-04T20:15:43.000000Z"}, {"uuid": "6f74f6e9-52a4-4fa0-ba32-da80ab88066f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-2050", "type": "seen", "source": "https://t.me/ctinow/210778", "content": "https://ift.tt/k6rSpn2\nCVE-2024-2050", "creation_timestamp": "2024-03-18T17:32:09.000000Z"}]}