{"vulnerability": "CVE-2024-3888", "sightings": [{"uuid": "a37ca4d5-51ea-418c-b498-aa36bf2fbd87", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-38889", "type": "seen", "source": "https://t.me/cvedetector/2378", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2024-38889 - Caterease SQL Injection Vulnerability\", \n  \"Content\": \"CVE ID : CVE-2024-38889 \nPublished : Aug. 2, 2024, 8:17 p.m. | 35\u00a0minutes ago \nDescription : An issue in Horizon Business Services Inc. Caterease 16.0.1.1663 through 24.0.1.2405 and possibly later versions, allows a remote attacker to perform SQL Injection due to improper neutralization of special elements used in an SQL command. \nSeverity: 0.0 | NA \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"02 Aug 2024\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2024-08-02T23:13:05.000000Z"}, {"uuid": "d11beae2-f997-4a01-9f00-e40b503334f2", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-38887", "type": "seen", "source": "https://t.me/cvedetector/2382", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2024-38887 - Horizon Business Services Inc. Caterease Remote Command Execution Vulnerability\", \n  \"Content\": \"CVE ID : CVE-2024-38887 \nPublished : Aug. 2, 2024, 9:16 p.m. | 35\u00a0minutes ago \nDescription : An issue in Horizon Business Services Inc. Caterease 16.0.1.1663 through 24.0.1.2405 and possibly later versions, allows a remote attacker to expand control over the operating system from the database due to the execution of commands with unnecessary privileges. \nSeverity: 0.0 | NA \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"02 Aug 2024\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2024-08-03T00:03:15.000000Z"}, {"uuid": "80041203-4f95-4312-a5c4-b4cd5f3ef460", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-38888", "type": "seen", "source": "https://t.me/cvedetector/2377", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2024-38888 - Horizon Business Services Inc. Caterease Authentication Privilege Escalation\", \n  \"Content\": \"CVE ID : CVE-2024-38888 \nPublished : Aug. 2, 2024, 8:17 p.m. | 35\u00a0minutes ago \nDescription : An issue in Horizon Business Services Inc. Caterease 16.0.1.1663 through 24.0.1.2405 and possibly later versions, allows a local attacker to perform a Password Brute Forcing attack due to improper restriction of excessive authentication attempts. \nSeverity: 0.0 | NA \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"02 Aug 2024\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2024-08-02T23:13:04.000000Z"}, {"uuid": "61d87378-fb01-49a3-a8af-405bf43a6c95", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-38886", "type": "seen", "source": "https://t.me/cvedetector/2366", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2024-38886 - Caterease SSL/TLS Improper Verification Vulnerability\", \n  \"Content\": \"CVE ID : CVE-2024-38886 \nPublished : Aug. 2, 2024, 6:16 p.m. | 21\u00a0minutes ago \nDescription : An issue in Horizon Business Services Inc. Caterease 16.0.1.1663 through 24.0.1.2405 and possibly later versions, allows a remote attacker to perform a Traffic Injection attack due to improper verification of the source of a communication channel. \nSeverity: 0.0 | NA \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"02 Aug 2024\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2024-08-02T20:42:29.000000Z"}, {"uuid": "8273d6a0-6344-4e8a-9374-bbd4b3d7c470", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-38881", "type": "seen", "source": "https://t.me/cvedetector/2367", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2024-38881 - Caterease Password Hashing Weakness (Rainbow Table Attack)\", \n  \"Content\": \"CVE ID : CVE-2024-38881 \nPublished : Aug. 2, 2024, 6:16 p.m. | 21\u00a0minutes ago \nDescription : An issue in Horizon Business Services Inc. Caterease 16.0.1.1663 through 24.0.1.2405 and possibly later versions, allows a remote attacker to perform a Rainbow Table Password cracking attack due to the use of one-way hashes without salts when storing user passwords. \nSeverity: 0.0 | NA \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"02 Aug 2024\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2024-08-02T20:42:30.000000Z"}, {"uuid": "db28a82e-c292-423c-bcb7-c373eeddc360", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-38884", "type": "seen", "source": "https://t.me/cvedetector/2365", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2024-38884 - Caterease Authentication Bypass Vulnerability\", \n  \"Content\": \"CVE ID : CVE-2024-38884 \nPublished : Aug. 2, 2024, 6:16 p.m. | 21\u00a0minutes ago \nDescription : An issue in Horizon Business Services Inc. Caterease 16.0.1.1663 through 24.0.1.2405 and possibly later versions, allows a local attacker to perform an Authentication Bypass attack due to improperly implemented security checks for standard authentication mechanisms \nSeverity: 0.0 | NA \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"02 Aug 2024\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2024-08-02T20:42:28.000000Z"}, {"uuid": "f5858eda-5ed5-432a-bfdd-00062d29fa9c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-38883", "type": "seen", "source": "https://t.me/cvedetector/2364", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2024-38883 - Caterease TLS Encryption Level Downgrade Vulnerability\", \n  \"Content\": \"CVE ID : CVE-2024-38883 \nPublished : Aug. 2, 2024, 6:16 p.m. | 21\u00a0minutes ago \nDescription : An issue in Horizon Business Services Inc. Caterease 16.0.1.1663 through 24.0.1.2405 and possibly later versions, allows a remote attacker to perform a Drop Encryption Level attack due to the selection of a less-secure algorithm during negotiation. \nSeverity: 0.0 | NA \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"02 Aug 2024\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2024-08-02T20:42:27.000000Z"}, {"uuid": "5313d367-f8cc-4786-835a-2598bcd0b088", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-38885", "type": "seen", "source": "https://t.me/cvedetector/2363", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2024-38885 - Caterease SQL Injection Credential Exposure Vulnerability\", \n  \"Content\": \"CVE ID : CVE-2024-38885 \nPublished : Aug. 2, 2024, 6:16 p.m. | 21\u00a0minutes ago \nDescription : An issue in Horizon Business Services Inc. Caterease 16.0.1.1663 through 24.0.1.2405 and possibly later versions, allows a remote attacker to perform unauthorized access using known operating system credentials due to hardcoded SQL user credentials in the client application. \nSeverity: 0.0 | NA \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"02 Aug 2024\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2024-08-02T20:42:26.000000Z"}, {"uuid": "bf57a4e0-2ca0-45d8-ac69-36392c6ce844", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-38882", "type": "seen", "source": "https://t.me/cvedetector/2362", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2024-38882 - Horizon Caterease SQL Injection Command Execution\", \n  \"Content\": \"CVE ID : CVE-2024-38882 \nPublished : Aug. 2, 2024, 6:16 p.m. | 21\u00a0minutes ago \nDescription : An issue in Horizon Business Services Inc. Caterease 16.0.1.1663 through 24.0.1.2405 and possibly later versions, allows a remote attacker to perform command line execution through SQL Injection due to improper neutralization of special elements used in an OS command. \nSeverity: 0.0 | NA \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"02 Aug 2024\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2024-08-02T20:42:25.000000Z"}]}