{"vulnerability": "cve-2019-1085", "sightings": [{"uuid": "b0823138-1960-4b7e-a0ff-cbea5197a69b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2019-10853", "type": "seen", "source": "https://t.me/cve_mitre_org/258", "content": "CVE-2019-10853 Computrols CBAS 18.0.0 allows Authentication Bypass. https://t.co/Thd7PB9OrL\u2014 CVE (@CVEnew) May 23, 2019\n\nMay 23, 2019 at 10:45PM\nvia Twitter https://twitter.com/CVEnew", "creation_timestamp": "2019-05-23T19:48:24.000000Z"}, {"uuid": "0a326ec3-36fb-4be0-9d2d-f613e7bff4c4", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2019-10854", "type": "seen", "source": "https://t.me/cve_mitre_org/259", "content": "CVE-2019-10854 Computrols CBAS 18.0.0 allows Authenticated Command Injection. https://t.co/UrhXCX7kjQ\u2014 CVE (@CVEnew) May 23, 2019\n\nMay 23, 2019 at 10:45PM\nvia Twitter https://twitter.com/CVEnew", "creation_timestamp": "2019-05-23T19:48:25.000000Z"}, {"uuid": "bfa6eca8-a774-45c3-8c17-16850fbf11de", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2019-10855", "type": "seen", "source": "https://t.me/cve_mitre_org/260", "content": "CVE-2019-10855 Computrols CBAS 18.0.0 mishandles password hashes. The approach is MD5 with a pw prefix, e.g., if the password is admin, it will calculate the MD5 hash of pwadmin and store it in a MySQL database. https://t.co/mUwBZ2pPSs\u2014 CVE (@CVEnew) May 23, 2019\n\nMay 23, 2019 at 10:45PM\nvia Twitter https://twitter.com/CVEnew", "creation_timestamp": "2019-05-23T19:48:26.000000Z"}, {"uuid": "764060ed-df24-4cbb-bfea-e7a069ca4bbc", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2019-10850", "type": "seen", "source": "https://t.me/cve_mitre_org/255", "content": "CVE-2019-10850 Computrols CBAS 18.0.0 has Default Credentials. https://t.co/iZA70J6pa1\u2014 CVE (@CVEnew) May 23, 2019\n\nMay 23, 2019 at 10:45PM\nvia Twitter https://twitter.com/CVEnew", "creation_timestamp": "2019-05-23T19:48:21.000000Z"}, {"uuid": "c331d214-5cee-44ef-a674-a3a681b805a2", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2019-10851", "type": "seen", "source": "https://t.me/cve_mitre_org/256", "content": "CVE-2019-10851 Computrols CBAS 18.0.0 has hard-coded encryption keys. https://t.co/WYl54XKL7S\u2014 CVE (@CVEnew) May 23, 2019\n\nMay 23, 2019 at 10:45PM\nvia Twitter https://twitter.com/CVEnew", "creation_timestamp": "2019-05-23T19:48:22.000000Z"}, {"uuid": "e4bbe564-928b-4591-8462-9eb01453ab68", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2019-10852", "type": "seen", "source": "https://t.me/cve_mitre_org/257", "content": "CVE-2019-10852 Computrols CBAS 18.0.0 allows Authenticated Blind SQL Injection via the id GET parameter, as demonstrated by the index.php?m=servers&a=start_pulling&id= substring. https://t.co/qGSuoJqzCz\u2014 CVE (@CVEnew) May 23, 2019\n\nMay 23, 2019 at 10:45PM\nvia Twitter https://twitter.com/CVEnew", "creation_timestamp": "2019-05-23T19:48:23.000000Z"}]}