{"vulnerability": "CVE-2024-3653", "sightings": [{"uuid": "a3be18cf-1c37-4376-8ad4-8859ef248db3", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-3653", "type": "seen", "source": "https://t.me/DarkWebInformer_CVEAlerts/1110", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2024-3653\n\ud83d\udd39 Description: A vulnerability was found in Undertow. This issue requires enabling the learning-push handler in the server's config, which is disabled by default, leaving the maxAge config in the handler unconfigured. The default is -1, which makes the handler vulnerable. If someone overwrites that config, the server is not subject to the attack. The attacker needs to be able to reach the server with a normal HTTP request.\n\ud83d\udccf Published: 2024-07-08T21:21:20.899Z\n\ud83d\udccf Modified: 2025-01-09T21:35:52.649Z\n\ud83d\udd17 References:\n1. https://access.redhat.com/errata/RHSA-2024:4392\n2. https://access.redhat.com/errata/RHSA-2024:5143\n3. https://access.redhat.com/errata/RHSA-2024:5144\n4. https://access.redhat.com/errata/RHSA-2024:5145\n5. https://access.redhat.com/errata/RHSA-2024:5147\n6. https://access.redhat.com/errata/RHSA-2024:6437\n7. https://access.redhat.com/security/cve/CVE-2024-3653\n8. https://bugzilla.redhat.com/show_bug.cgi?id=2274437", "creation_timestamp": "2025-01-09T22:16:14.000000Z"}, {"uuid": "96202f16-5310-4d68-8075-db87df41f1d9", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-36536", "type": "seen", "source": "https://t.me/cvedetector/1589", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2024-36536 - FabEdge Token Privilege Escalation Vulnerability\", \n  \"Content\": \"CVE ID : CVE-2024-36536 \nPublished : July 24, 2024, 7:15 p.m. | 18\u00a0minutes ago \nDescription : Insecure permissions in fabedge v0.8.1 allows attackers to access sensitive data and escalate privileges by obtaining the service account's token. \nSeverity: 0.0 | NA \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"24 Jul 2024\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2024-07-24T21:40:05.000000Z"}, {"uuid": "56af0762-7c51-4c58-a869-37ad31ed0883", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-3653", "type": "seen", "source": "https://t.me/DarkWebInformer_CVEAlerts/18810", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2024-3653\n\ud83d\udd25 CVSS Score: 5.3 (cvssV3_1, Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L)\n\ud83d\udd39 Description: A vulnerability was found in Undertow. This issue requires enabling the learning-push handler in the server's config, which is disabled by default, leaving the maxAge config in the handler unconfigured. The default is -1, which makes the handler vulnerable. If someone overwrites that config, the server is not subject to the attack. The attacker needs to be able to reach the server with a normal HTTP request.\n\ud83d\udccf Published: 2024-07-08T21:21:20.899Z\n\ud83d\udccf Modified: 2025-06-18T18:51:22.323Z\n\ud83d\udd17 References:\n1. https://access.redhat.com/errata/RHSA-2024:4392\n2. https://access.redhat.com/errata/RHSA-2024:5143\n3. https://access.redhat.com/errata/RHSA-2024:5144\n4. https://access.redhat.com/errata/RHSA-2024:5145\n5. https://access.redhat.com/errata/RHSA-2024:5147\n6. https://access.redhat.com/errata/RHSA-2024:6437\n7. https://access.redhat.com/security/cve/CVE-2024-3653\n8. https://bugzilla.redhat.com/show_bug.cgi?id=2274437", "creation_timestamp": "2025-06-18T19:39:59.000000Z"}, {"uuid": "e6f75abe-2e42-4b82-8047-e5c0b2de22e7", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-3653", "type": "seen", "source": "https://t.me/DarkWebInformer_CVEAlerts/5446", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2024-3653\n\ud83d\udd25 CVSS Score: 5.3 (cvssV3_1, Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L)\n\ud83d\udd39 Description: A vulnerability was found in Undertow. This issue requires enabling the learning-push handler in the server's config, which is disabled by default, leaving the maxAge config in the handler unconfigured. The default is -1, which makes the handler vulnerable. If someone overwrites that config, the server is not subject to the attack. The attacker needs to be able to reach the server with a normal HTTP request.\n\ud83d\udccf Published: 2024-07-08T21:21:20.899Z\n\ud83d\udccf Modified: 2025-02-26T04:13:19.878Z\n\ud83d\udd17 References:\n1. https://access.redhat.com/errata/RHSA-2024:4392\n2. https://access.redhat.com/errata/RHSA-2024:5143\n3. https://access.redhat.com/errata/RHSA-2024:5144\n4. https://access.redhat.com/errata/RHSA-2024:5145\n5. https://access.redhat.com/errata/RHSA-2024:5147\n6. https://access.redhat.com/errata/RHSA-2024:6437\n7. https://access.redhat.com/security/cve/CVE-2024-3653\n8. https://bugzilla.redhat.com/show_bug.cgi?id=2274437", "creation_timestamp": "2025-02-26T04:24:30.000000Z"}, {"uuid": "ef08261b-875d-4149-b112-d78186313f86", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-36537", "type": "seen", "source": "https://t.me/cvedetector/1588", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2024-36537 - Cert-manager Insecure Permissions Privilege Escalation\", \n  \"Content\": \"CVE ID : CVE-2024-36537 \nPublished : July 24, 2024, 7:15 p.m. | 18\u00a0minutes ago \nDescription : Insecure permissions in cert-manager v1.14.4 allows attackers to access sensitive data and escalate privileges by obtaining the service account's token. \nSeverity: 0.0 | NA \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"24 Jul 2024\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2024-07-24T21:40:03.000000Z"}, {"uuid": "e296096c-5fe8-4260-9908-344f357d320f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-36538", "type": "seen", "source": "https://t.me/cvedetector/1586", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2024-36538 - Chaos-Mesh Persistent Permissions Escalation Vulnerability\", \n  \"Content\": \"CVE ID : CVE-2024-36538 \nPublished : July 24, 2024, 7:15 p.m. | 18\u00a0minutes ago \nDescription : Insecure permissions in chaos-mesh v2.6.3 allows attackers to access sensitive data and escalate privileges by obtaining the service account's token. \nSeverity: 0.0 | NA \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"24 Jul 2024\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2024-07-24T21:40:02.000000Z"}, {"uuid": "5d7533b5-6fea-4450-abf5-e6769b2f1828", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-36533", "type": "seen", "source": "https://t.me/cvedetector/1598", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2024-36533 - Volcano Insecure Permissions Token Escalation Vulnerability\", \n  \"Content\": \"CVE ID : CVE-2024-36533 \nPublished : July 24, 2024, 8:15 p.m. | 41\u00a0minutes ago \nDescription : Insecure permissions in volcano v1.8.2 allows attackers to access sensitive data and escalate privileges by obtaining the service account's token. \nSeverity: 0.0 | NA \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"24 Jul 2024\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2024-07-24T23:20:35.000000Z"}, {"uuid": "0950c27f-43ef-4b3e-b870-298790817132", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-36539", "type": "seen", "source": "https://t.me/cvedetector/1580", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2024-36539 - Contour Privilege Escalation and Data Access Vulnerability\", \n  \"Content\": \"CVE ID : CVE-2024-36539 \nPublished : July 24, 2024, 5:15 p.m. | 37\u00a0minutes ago \nDescription : Insecure permissions in contour v1.28.3 allows attackers to access sensitive data and escalate privileges by obtaining the service account's token. \nSeverity: 0.0 | NA \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"24 Jul 2024\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2024-07-24T19:59:45.000000Z"}, {"uuid": "131811e3-e092-4181-946f-8beedc4460e3", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-36534", "type": "seen", "source": "https://t.me/cvedetector/1600", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2024-36534 - Huawei hwameistor Unsecured Token Exposure Vulnerability\", \n  \"Content\": \"CVE ID : CVE-2024-36534 \nPublished : July 24, 2024, 8:15 p.m. | 41\u00a0minutes ago \nDescription : Insecure permissions in hwameistor v0.14.3 allows attackers to access sensitive data and escalate privileges by obtaining the service account's token. \nSeverity: 0.0 | NA \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"24 Jul 2024\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2024-07-24T23:20:37.000000Z"}, {"uuid": "5a89edf9-8655-424f-9802-2a98125265da", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-3653", "type": "seen", "source": "https://t.me/cvedetector/219", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2024-3653 - A vulnerability was found in Undertow. This issue\", \n  \"Content\": \"CVE ID : CVE-2024-3653 \nPublished : July 8, 2024, 10:15 p.m. | 16\u00a0minutes ago \nDescription : A vulnerability was found in Undertow. This issue requires enabling the learning-push handler in the server's config, which is disabled by default, leaving the maxAge config in the handler unconfigured. The default is -1, which makes the handler vulnerable. If someone overwrites that config, the server is not subject to the attack. The attacker needs to be able to reach the server with a normal HTTP request. \nSeverity: 5.3 | MEDIUM \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"09 Jul 2024\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2024-07-09T00:31:43.000000Z"}]}