{"vulnerability": "CVE-2024-3849", "sightings": [{"uuid": "a365d92a-3b9a-4d2e-92c7-aea66ce711aa", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-38499", "type": "seen", "source": "https://infosec.exchange/users/cve/statuses/113666581841693387", "content": "", "creation_timestamp": "2024-12-17T05:46:36.302896Z"}, {"uuid": "feb1a31a-ebab-4cd6-afc1-68251ffa5918", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-38499", "type": "seen", "source": "https://t.me/cvedetector/13070", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2024-38499 - CA Client Automation (ITCM) Privilege Escalation Vulnerability\", \n  \"Content\": \"CVE ID : CVE-2024-38499 \nPublished : Dec. 17, 2024, 6:15 a.m. | 43\u00a0minutes ago \nDescription : CA Client Automation (ITCM) allows non-admin/non-root users to encrypt a string using CAF CLI and SD_ACMD CLI. This would allow the non admin user to access the critical encryption keys which further causes the exploitation of stored credentials. This fix doesn't allow a non-admin/non-root user to execute \"caf encrypt\"/\"sd_acmd encrypt\" commands. \nSeverity: 0.0 | NA \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"17 Dec 2024\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2024-12-17T08:25:17.000000Z"}, {"uuid": "76407c93-b530-4b82-985d-154937479adf", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-38490", "type": "seen", "source": "https://t.me/cvedetector/2224", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2024-38490 - \"Dell iDRAC Out-of-Bound Write Vulnerability\"\", \n  \"Content\": \"CVE ID : CVE-2024-38490 \nPublished : Aug. 1, 2024, 8:15 a.m. | 40\u00a0minutes ago \nDescription : Dell iDRAC Service Module version 5.3.0.0 and prior, contain a Out of bound Write Vulnerability. A privileged local attacker could execute arbitrary code potentially resulting in a denial of service event. \nSeverity: 5.8 | MEDIUM \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"01 Aug 2024\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2024-08-01T11:14:39.000000Z"}, {"uuid": "f2e27c33-0718-4fd2-9273-e97940fcc109", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-38495", "type": "seen", "source": "https://t.me/cvedetector/875", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2024-38495 - Apache PAM Authentication Token Disclosure\", \n  \"Content\": \"CVE ID : CVE-2024-38495 \nPublished : July 15, 2024, 3:15 p.m. | 22\u00a0minutes ago \nDescription : A specific authentication strategy allows a malicious attacker to learn ids of all PAM users defined in its database. \nSeverity: 0.0 | NA \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"15 Jul 2024\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2024-07-15T17:41:03.000000Z"}, {"uuid": "bf4c39a5-ba3b-479e-ad40-91d6f7b685b4", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-38496", "type": "seen", "source": "https://t.me/cvedetector/874", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2024-38496 - Dropbear PAM Information Disclosure Vulnerability\", \n  \"Content\": \"CVE ID : CVE-2024-38496 \nPublished : July 15, 2024, 3:15 p.m. | 22\u00a0minutes ago \nDescription : The vulnerability allows a malicious low-privileged PAM user to access information about other PAM users and their group memberships. \nSeverity: 0.0 | NA \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"15 Jul 2024\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2024-07-15T17:41:02.000000Z"}, {"uuid": "45466469-f2e1-43fe-ba20-72b802a82456", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-38491", "type": "seen", "source": "https://t.me/cvedetector/869", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2024-38491 - Oracle Database Information Disclosure\", \n  \"Content\": \"CVE ID : CVE-2024-38491 \nPublished : July 15, 2024, 2:15 p.m. | 33\u00a0minutes ago \nDescription : The vulnerability allows an unauthenticated attacker to read arbitrary information from the database. \nSeverity: 0.0 | NA \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"15 Jul 2024\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2024-07-15T16:50:50.000000Z"}, {"uuid": "7fbdf294-81b9-427c-8a8d-bbad1efdd5da", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-38493", "type": "seen", "source": "https://t.me/cvedetector/868", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2024-38493 - Apple PAM UI Reflected Cross-Site Scripting Vulnerability\", \n  \"Content\": \"CVE ID : CVE-2024-38493 \nPublished : July 15, 2024, 2:15 p.m. | 33\u00a0minutes ago \nDescription : A reflected cross-site scripting (XSS) vulnerability exists in the PAM UI web interface. A remote attacker able to convince a PAM user to click on a specially crafted link to the PAM UI web interface could potentially execute arbitrary client-side code in the context of PAM UI. \nSeverity: 0.0 | NA \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"15 Jul 2024\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2024-07-15T16:50:49.000000Z"}, {"uuid": "713f98bd-86a4-48aa-8ef7-e1268a0214fb", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-38494", "type": "seen", "source": "https://t.me/cvedetector/866", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2024-38494 - Apache PAM Remote Command Execution\", \n  \"Content\": \"CVE ID : CVE-2024-38494 \nPublished : July 15, 2024, 2:15 p.m. | 33\u00a0minutes ago \nDescription : This vulnerability allows a high-privileged authenticated PAM user to achieve remote command execution on the affected PAM system by sending a specially crafted HTTP request. \nSeverity: 0.0 | NA \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"15 Jul 2024\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2024-07-15T16:50:47.000000Z"}, {"uuid": "8b887791-a640-46f8-adc4-749ed2cdd3cf", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-38492", "type": "seen", "source": "https://t.me/cvedetector/865", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2024-38492 - \"Barracuda PAM Remote Command Execution\"\", \n  \"Content\": \"CVE ID : CVE-2024-38492 \nPublished : July 15, 2024, 2:15 p.m. | 33\u00a0minutes ago \nDescription : This vulnerability allows an unauthenticated attacker to achieve remote command execution on the affected PAM system by uploading a specially crafted PAM upgrade file. \nSeverity: 0.0 | NA \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"15 Jul 2024\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2024-07-15T16:50:46.000000Z"}]}