{"vulnerability": "CVE-2024-2118", "sightings": [{"uuid": "8298306d-6140-48e5-8768-c9fa92a6743d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "cve-2024-21182", "type": "seen", "source": "https://bsky.app/profile/kyosuke-tanaka.bsky.social/post/3lenisuth4s22", "content": "", "creation_timestamp": "2025-01-01T02:20:51.622996Z"}, {"uuid": "09cc10cb-baa0-45b3-996f-3d671efe6e63", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-21182", "type": "seen", "source": "https://bsky.app/profile/bolhasec.com/post/3leo5hi2hil2a", "content": "", "creation_timestamp": "2025-01-01T08:30:17.206481Z"}, {"uuid": "48b7201c-1283-4c2b-a86d-1e6dacef6334", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-21182", "type": "seen", "source": "https://bsky.app/profile/tmjintel.bsky.social/post/3leormlhvin25", "content": "", "creation_timestamp": "2025-01-01T14:31:03.769806Z"}, {"uuid": "1e2607cb-eecb-4a11-abe6-4319f33e0a96", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-21181", "type": "seen", "source": "https://bsky.app/profile/cyberalerts.bsky.social/post/3llettgmcmi2o", "content": "", "creation_timestamp": "2025-03-27T17:40:23.757547Z"}, {"uuid": "5d5274eb-cb15-45ed-b141-9c3cd953a4bf", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-21182", "type": "published-proof-of-concept", "source": "https://t.me/GithubRedTeam/9640", "content": "GitHub\u76d1\u63a7\u6d88\u606f\u63d0\u9192\uff01\uff01\uff01 \n\n\u66f4\u65b0\u4e86\uff1aCVE-2024\n\u63cf\u8ff0\uff1aPoC for CVE-2024021182\nURL\uff1ahttps://github.com/k4it0k1d/CVE-2024-21182\n\n\u6807\u7b7e\uff1a#CVE-2024", "creation_timestamp": "2024-12-29T15:51:23.000000Z"}, {"uuid": "1d028f96-4fad-4ff5-af74-12af1a2241c8", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-21182", "type": "seen", "source": "MISP/f7787455-9994-4047-b6f7-77347597c104", "content": "", "creation_timestamp": "2025-08-26T18:36:20.000000Z"}, {"uuid": "d898807a-2e9a-4f76-b59f-35f0265168d0", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-21182", "type": "published-proof-of-concept", "source": "https://t.me/CyberBulletin/1926", "content": "\u26a1\ufe0fCVE-2024-21182 : Allows unauthenticated attacker with network access via T3, IIOP to compromise Oracle WebLogic Server\n\nPoC : https://github.com/k4it0k1d/CVE-2024-21182\n\n#CyberBulletin", "creation_timestamp": "2025-01-03T06:32:56.000000Z"}, {"uuid": "0ac580de-4dc8-4c61-bcbf-490a0d355177", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-21183", "type": "seen", "source": "https://t.me/cvedetector/1041", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2024-21183 - Oracle WebLogic Server Remote Unauthenticated Vulnerability\", \n  \"Content\": \"CVE ID : CVE-2024-21183 \nPublished : July 16, 2024, 11:15 p.m. | 44\u00a0minutes ago \nDescription : Vulnerability in the Oracle WebLogic Server product of Oracle Fusion Middleware (component: Core).  Supported versions that are affected are 12.2.1.4.0 and  14.1.1.0.0. Easily exploitable vulnerability allows unauthenticated attacker with network access via T3, IIOP to compromise Oracle WebLogic Server.  Successful attacks of this vulnerability can result in  unauthorized access to critical data or complete access to all Oracle WebLogic Server accessible data. CVSS 3.1 Base Score 7.5 (Confidentiality impacts).  CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N). \nSeverity: 7.5 | HIGH \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"17 Jul 2024\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2024-07-17T02:20:14.000000Z"}, {"uuid": "e7b1c9db-e602-4e15-a8d0-63e62d1d6dc7", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-21181", "type": "seen", "source": "https://t.me/cvedetector/1040", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2024-21181 - \"Oracle WebLogic Server Core Remote Code Execution Vulnerability\"\", \n  \"Content\": \"CVE ID : CVE-2024-21181 \nPublished : July 16, 2024, 11:15 p.m. | 44\u00a0minutes ago \nDescription : Vulnerability in the Oracle WebLogic Server product of Oracle Fusion Middleware (component: Core).  Supported versions that are affected are 12.2.1.4.0 and  14.1.1.0.0. Easily exploitable vulnerability allows unauthenticated attacker with network access via T3, IIOP to compromise Oracle WebLogic Server.  Successful attacks of this vulnerability can result in takeover of Oracle WebLogic Server. CVSS 3.1 Base Score 9.8 (Confidentiality, Integrity and Availability impacts).  CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H). \nSeverity: 9.8 | CRITICAL \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"17 Jul 2024\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2024-07-17T02:20:13.000000Z"}, {"uuid": "d860bd29-be21-4e30-bad5-07c7deb8a2cf", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-21180", "type": "seen", "source": "https://t.me/cvedetector/1043", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2024-21180 - Oracle PeopleSoft OpenSearch Dashboards HTTP Misconfigured Search Criteria Disclosure\", \n  \"Content\": \"CVE ID : CVE-2024-21180 \nPublished : July 16, 2024, 11:15 p.m. | 44\u00a0minutes ago \nDescription : Vulnerability in the PeopleSoft Enterprise PeopleTools product of Oracle PeopleSoft (component: OpenSearch Dashboards).  Supported versions that are affected are 8.59, 8.60 and  8.61. Easily exploitable vulnerability allows low privileged attacker with network access via HTTP to compromise PeopleSoft Enterprise PeopleTools.  Successful attacks require human interaction from a person other than the attacker and while the vulnerability is in PeopleSoft Enterprise PeopleTools, attacks may significantly impact additional products (scope change). Successful attacks of this vulnerability can result in  unauthorized read access to a subset of PeopleSoft Enterprise PeopleTools accessible data. CVSS 3.1 Base Score 4.1 (Confidentiality impacts).  CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:N/A:N). \nSeverity: 4.1 | MEDIUM \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"17 Jul 2024\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2024-07-17T02:20:17.000000Z"}, {"uuid": "222ee949-f6c2-4443-b796-d0c302180107", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-21182", "type": "seen", "source": "https://t.me/cvedetector/1042", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2024-21182 - Oracle WebLogic Server Remote Unauthorized Access Vulnerability\", \n  \"Content\": \"CVE ID : CVE-2024-21182 \nPublished : July 16, 2024, 11:15 p.m. | 44\u00a0minutes ago \nDescription : Vulnerability in the Oracle WebLogic Server product of Oracle Fusion Middleware (component: Core).  Supported versions that are affected are 12.2.1.4.0 and  14.1.1.0.0. Easily exploitable vulnerability allows unauthenticated attacker with network access via T3, IIOP to compromise Oracle WebLogic Server.  Successful attacks of this vulnerability can result in  unauthorized access to critical data or complete access to all Oracle WebLogic Server accessible data. CVSS 3.1 Base Score 7.5 (Confidentiality impacts).  CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N). \nSeverity: 7.5 | HIGH \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"17 Jul 2024\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2024-07-17T02:20:15.000000Z"}, {"uuid": "19b0d7cb-cda6-4236-a1a6-6f25c304ebbd", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-21188", "type": "seen", "source": "https://t.me/cvedetector/1039", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2024-21188 - Oracle Financial Services Revenue Management and Billing HTTP Chatbot Authentication Bypass\", \n  \"Content\": \"CVE ID : CVE-2024-21188 \nPublished : July 16, 2024, 11:15 p.m. | 44\u00a0minutes ago \nDescription : Vulnerability in the Oracle Financial Services Revenue Management and Billing product of Oracle Financial Services Applications (component: Chatbot).  Supported versions that are affected are 6.0.0.0.0 and  6.1.0.0.0. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise Oracle Financial Services Revenue Management and Billing.  Successful attacks require human interaction from a person other than the attacker and while the vulnerability is in Oracle Financial Services Revenue Management and Billing, attacks may significantly impact additional products (scope change). Successful attacks of this vulnerability can result in  unauthorized update, insert or delete access to some of Oracle Financial Services Revenue Management and Billing accessible data as well as  unauthorized read access to a subset of Oracle Financial Services Revenue Management and Billing accessible data. CVSS 3.1 Base Score 6.1 (Confidentiality and Integrity impacts).  CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N). \nSeverity: 6.1 | MEDIUM \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"17 Jul 2024\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2024-07-17T02:20:09.000000Z"}, {"uuid": "3f179003-7646-4c83-a899-b4de477cd0bb", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-21185", "type": "seen", "source": "https://t.me/cvedetector/1038", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2024-21185 - Oracle MySQL MySQL Server Unauthenticated High Privilege Denial of Service\", \n  \"Content\": \"CVE ID : CVE-2024-21185 \nPublished : July 16, 2024, 11:15 p.m. | 44\u00a0minutes ago \nDescription : Vulnerability in the MySQL Server product of Oracle MySQL (component: InnoDB).  Supported versions that are affected are 8.0.38, 8.4.1 and  9.0.0. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server.  Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.1 Base Score 4.9 (Availability impacts).  CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H). \nSeverity: 4.9 | MEDIUM \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"17 Jul 2024\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2024-07-17T02:20:08.000000Z"}, {"uuid": "26a6b7c2-526e-495f-b85d-f4daae884f97", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-21184", "type": "seen", "source": "https://t.me/cvedetector/1031", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2024-21184 - Oracle Database RDBMS Security XS_DIAG Privilege Escalation Vulnerability\", \n  \"Content\": \"CVE ID : CVE-2024-21184 \nPublished : July 16, 2024, 11:15 p.m. | 44\u00a0minutes ago \nDescription : Vulnerability in the Oracle Database RDBMS Security component of Oracle Database Server.  Supported versions that are affected are 19.3-19.23. Easily exploitable vulnerability allows high privileged attacker having Execute on SYS.XS_DIAG privilege with network access via Oracle Net to compromise Oracle Database RDBMS Security.  Successful attacks of this vulnerability can result in takeover of Oracle Database RDBMS Security. CVSS 3.1 Base Score 7.2 (Confidentiality, Integrity and Availability impacts).  CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H). \nSeverity: 7.2 | HIGH \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"17 Jul 2024\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2024-07-17T02:19:59.000000Z"}, {"uuid": "da86e3d4-af5c-41f1-835e-c2b5185a1dd6", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-21182", "type": "published-proof-of-concept", "source": "https://t.me/GrayHatsHack/9339", "content": "\u26a1\ufe0fCVE-2024-21182 : Allows unauthenticated attacker with network access via T3, IIOP to compromise Oracle WebLogic Server\n\nPoC : https://github.com/k4it0k1d/CVE-2024-21182\n\n#CyberBulletin", "creation_timestamp": "2025-01-06T06:33:13.000000Z"}, {"uuid": "cb495f7e-ecc9-4315-96a3-2c30ae125aed", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-21181", "type": "seen", "source": "https://t.me/HackingInsights/6632", "content": "\u200aOracle WebLogic Users Urged to Patch Critical Vulnerability (CVE-2024-21181, CVSS 9.8)\n\nhttps://securityonline.info/oracle-weblogic-users-urged-to-patch-critical-vulnerability-cve-2024-21181-cvss-9-8/", "creation_timestamp": "2024-07-19T10:45:24.000000Z"}, {"uuid": "f3417be0-9b4c-45d5-b1c7-8f2e53c4d118", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-21182", "type": "published-proof-of-concept", "source": "https://t.me/CyberDilara/1394", "content": "#Github #Tools\n\nSlides for COM Hijacking AV/EDR Talk on 38c3\n\nhttps://github.com/0x4d5a-ctf/38c3_com_talk\n\nPoC for CVE-2024-21182\n\nhttps://github.com/k4it0k1d/CVE-2024-21182\n\nRustScan in Rust\n\nhttps://github.com/spacialsec/RustScan\n\nA Hex Editor for Reverse Engineers, Programmers.\n\nhttps://github.com/WerWolv/ImHex\n\nRed-Team-Exercises\n\nhttps://github.com/CyberSecurityUP/Red-Team-Exercises\n\nRecon tool to help you search vulnerability on web server.\n\nhttps://github.com/x0rr-dan/s1c0n\n\n#HackersForum", "creation_timestamp": "2024-12-31T02:57:20.000000Z"}, {"uuid": "d045301a-08f4-4dd9-a166-c03ae16e6b36", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-21182", "type": "published-proof-of-concept", "source": "https://t.me/GrayHatsHack/9229", "content": "#Github #Tools\n\nSlides for COM Hijacking AV/EDR Talk on 38c3\n\nhttps://github.com/0x4d5a-ctf/38c3_com_talk\n\nPoC for CVE-2024-21182\n\nhttps://github.com/k4it0k1d/CVE-2024-21182\n\nRustScan in Rust\n\nhttps://github.com/spacialsec/RustScan\n\nA Hex Editor for Reverse Engineers, Programmers.\n\nhttps://github.com/WerWolv/ImHex\n\nRed-Team-Exercises\n\nhttps://github.com/CyberSecurityUP/Red-Team-Exercises\n\nRecon tool to help you search vulnerability on web server.\n\nhttps://github.com/x0rr-dan/s1c0n\n\n#HackersForum", "creation_timestamp": "2024-12-31T02:57:24.000000Z"}, {"uuid": "c0e9a76f-e241-4151-8f77-189cf88dc260", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-21182", "type": "published-proof-of-concept", "source": "https://t.me/dilagrafie/4053", "content": "#Github #Tools\n\nSlides for COM Hijacking AV/EDR Talk on 38c3\n\nhttps://github.com/0x4d5a-ctf/38c3_com_talk\n\nPoC for CVE-2024-21182\n\nhttps://github.com/k4it0k1d/CVE-2024-21182\n\nRustScan in Rust\n\nhttps://github.com/spacialsec/RustScan\n\nA Hex Editor for Reverse Engineers, Programmers.\n\nhttps://github.com/WerWolv/ImHex\n\nRed-Team-Exercises\n\nhttps://github.com/CyberSecurityUP/Red-Team-Exercises\n\nRecon tool to help you search vulnerability on web server.\n\nhttps://github.com/x0rr-dan/s1c0n\n\n#HackersForum", "creation_timestamp": "2024-12-31T02:57:13.000000Z"}, {"uuid": "3f498757-3242-411b-a47d-0c00f364770d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-21182", "type": "seen", "source": "https://t.me/proxy_bar/2464", "content": "CVE-2024-21182\nOracle WebLogic Server JNDI Vulnerability\nLink", "creation_timestamp": "2024-12-31T17:38:06.000000Z"}, {"uuid": "efe0c639-8632-4974-bfab-6d8d644924a1", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-21182", "type": "published-proof-of-concept", "source": "https://t.me/CyberBulletin/27030", "content": "\u26a1\ufe0fCVE-2024-21182 : Allows unauthenticated attacker with network access via T3, IIOP to compromise Oracle WebLogic Server\n\nPoC : https://github.com/k4it0k1d/CVE-2024-21182\n\n#CyberBulletin", "creation_timestamp": "2025-01-03T06:32:56.000000Z"}, {"uuid": "aae1911a-c78b-4e2c-a633-5275fe1227b0", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-21182", "type": "published-proof-of-concept", "source": "https://t.me/GrayHatsHack/7807", "content": "#Github #Tools\n\nSlides for COM Hijacking AV/EDR Talk on 38c3\n\nhttps://github.com/0x4d5a-ctf/38c3_com_talk\n\nPoC for CVE-2024-21182\n\nhttps://github.com/k4it0k1d/CVE-2024-21182\n\nRustScan in Rust\n\nhttps://github.com/spacialsec/RustScan\n\nA Hex Editor for Reverse Engineers, Programmers.\n\nhttps://github.com/WerWolv/ImHex\n\nRed-Team-Exercises\n\nhttps://github.com/CyberSecurityUP/Red-Team-Exercises\n\nRecon tool to help you search vulnerability on web server.\n\nhttps://github.com/x0rr-dan/s1c0n\n\n#HackersForum", "creation_timestamp": "2024-12-31T02:57:24.000000Z"}]}