{"vulnerability": "cve-2022-2137", "sightings": [{"uuid": "fa54317c-763e-436c-9271-4bfcd1290620", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-21371", "type": "seen", "source": "MISP/b7effe8d-f245-44fd-94ef-5f2f693cfb06", "content": "", "creation_timestamp": "2022-09-30T08:50:28.000000Z"}, {"uuid": "066fef7d-f9a7-4dca-8e9c-ff9352b844b3", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-21371", "type": "seen", "source": "https://bsky.app/profile/cve-notifications.bsky.social/post/3lfsytod6ew2t", "content": "", "creation_timestamp": "2025-01-16T00:16:07.307094Z"}, {"uuid": "d0f43e94-c09b-4c9e-b6aa-d4c12d50ef0f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-21371", "type": "published-proof-of-concept", "source": "https://t.me/GithubRedTeam/3043", "content": "GitHub\u76d1\u63a7\u6d88\u606f\u63d0\u9192\uff01\uff01\uff01\n\n\u66f4\u65b0\u4e86\uff1aCVE-2022\n\u63cf\u8ff0\uff1aOracle WebLogic CVE-2022-21371\nURL\uff1ahttps://github.com/Vulnmachines/Oracle-WebLogic-CVE-2022-21371\n\n\u6807\u7b7e\uff1a#CVE-2022", "creation_timestamp": "2022-08-27T06:29:13.000000Z"}, {"uuid": "601152be-b75d-4986-b3b5-b9e3798ab372", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-21371", "type": "published-proof-of-concept", "source": "https://t.me/dilagrafie/2814", "content": "#Tools -\u00a0 \ud835\udddb\ud835\uddee\ud835\uddf0\ud835\uddf8\ud835\uddf2\ud835\uddff\ud835\ude00 \ud835\uddd9\ud835\uddee\ud835\uddf0\ud835\ude01\ud835\uddfc\ud835\uddff\ud835\ude06\n\nBlazingFast\n\nDoS method (updated 2022)\n\nThe previous method I posted has been patched, this one has not been. You can modify this script or implement it in order to use bots to take down a BlazingFast VPS. BlazingFast is known for being a relatively good host, and with my own experience, has a good team.\n\nBlazingFast protects all its virtual private servers with very good mitigation and detection methods, this script bypasses them by pretending to be a whitelisted crawling bot (BlazingFast use them to crawl servers for statistics such as avg heat, avg net use, etc) and succeeds in sending enough traffic to knock down a single server its aimed at.\n\nhttps://github.com/0x44F/blazingfast-dos-updated\n\nPyExchangePasswordSpray\n\nMicrosoft Exchange password spraying tool with proxy capabilities.\n\nFeatures:\n\u25ab\ufe0f Proxy List Support . HTTP & HTTPS\n\u25ab\ufe0f Set a delay between each password spray.\n\u25ab\ufe0f Use user & password list from a txt file\n\u25ab\ufe0f Multi-threading support\n\nhttps://github.com/iomoath/PyExchangePasswordSpray\n\nWpushell\n\nA tool used to upload a backdoor shell to a site that uses a WordPress Content Management System with a simple and fast process. Built using the Python programming language and can only be run on the command line terminal.\n\nThis tool has advantages which include:\n\u25ab\ufe0f Fast process.\n\u25ab\ufe0f Execution of more than one target.\n\u25ab\ufe0f Easy to use.\n\nhttps://github.com/22XploiterCrew-Team/Wpushell\n\nMSSQL-Analysis-Coerce\n\nCoerced Authentication\n\nA technique to coerce a Windows SQL Server to authenticate on an arbitrary machine.\n\nhttps://github.com/p0dalirius/MSSQL-Analysis-Coerce\n\nCVE-2022-21371\n\nThe Oracle Fusion Middleware's Oracle WebLogic Server product (Web Container component) is vulnerable to local file inclusion. An easily exploited vulnerability could allow an unauthenticated attacker with HTTP network access to compromise Oracle WebLogic Server. A successful attack on this vulnerability, provide hackers complete access to Oracle WebLogic Server's whole data store or unrestricted access to sensitive data.\n\nhttps://github.com/Vulnmachines/Oracle-WebLogic-CVE-2022-21371\n\n#cve\n\nHearMeOut\n\nVoice phishing behavior detection system in AOSP\n\nHearMeOut operates as an Android system service. You need to register HearMeOut as an Android system service, referring to the description below. You also need to change the source code of each Android module so that HaerMeOut can detect voice phishing behavior.\n\nhttps://github.com/WSP-LAB/hearmeout\n\nCloudQuery\n\nThe open source high performance data integration platform designed for security and infrastructure teams.\n\nCloudQuery extracts, transforms, and loads your cloud assets. CloudQuery enables you to assess, audit, and monitor the configurations of your cloud assets.\n\nCloudQuery key use-cases and features:\n\n\u25ab\ufe0f Search: Use standard SQL to find any asset based on any configuration or relation to other assets.\n\u25ab\ufe0f Visualize: Connect CloudQuery standard PostgreSQL database to your favorite BI/Visualization tool such as Grafana, QuickSight, etc.\n\u25ab\ufe0f Policy-as-Code: Codify your security & compliance rules with SQL as the query engine.\n\nhttps://github.com/cloudquery/cloudquery\n\npip-audit\n\npip-audit is a tool for scanning Python environments for packages with known vulnerabilities. It uses the Python Packaging Advisory Database (https://github.com/pypa/advisory-database) via the PyPI JSON API as a source of vulnerability reports.\n\nThis project is maintained in part by Trail of Bits with support from Google. This is not an official Google or Trail of Bits product.\n\nhttps://github.com/pypa/pip-audit\n\nDoldrums\n\nA reverse engineering tool for Flutter apps targetting Android. Concretely, it is a parser and information extractor for the Flutter/Dart Android binary, conventionally named libapp.so, for all Dart version 2.10 releases. When run, it outputs a full dump of all classes present in the isolate snapshot.\n\nhttps://github.com/rscloura/Doldrums\n\nJoin:\nhttps://t.me/dilagrafie\nhttps://t.me/HackerFactory\n\nWebsite:\nwww.ghostclan.org", "creation_timestamp": "2023-04-01T09:04:05.000000Z"}, {"uuid": "9b6af0ed-9af7-4150-a0f3-2338ffa2cbda", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-21371", "type": "seen", "source": "https://t.me/breachdetector/358753", "content": "{\n  \"Source\": \"https://www.turkhackteam.org/\",\n  \"Content\": \"What is Oracle WebLogic Server CVE-2022-21371?\", \n  \"author\": \" ('BARBAROS)\",\n  \"Detection Date\": \"14 Oct 2023\",\n  \"Type\": \"Data leak\"\n}\n\ud83d\udd39 t.me/breachdetector \ud83d\udd39", "creation_timestamp": "2023-10-14T08:22:20.000000Z"}, {"uuid": "0a56749a-80b3-4436-9624-4dcb5e55ffe5", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-21371", "type": "seen", "source": "https://t.me/breachdetector/358748", "content": "{\n  \"Source\": \"https://www.turkhackteam.org/\",\n  \"Content\": \"Oracle WebLogic Server CVE-2022-21371 Nedir?\", \n  \"author\": \" ('BARBAROS)\",\n  \"Detection Date\": \"14 Oct 2023\",\n  \"Type\": \"Data leak\"\n}\n\ud83d\udd39 t.me/breachdetector \ud83d\udd39", "creation_timestamp": "2023-10-14T08:22:08.000000Z"}, {"uuid": "f31a3dd2-9a32-425b-ac1d-0094ea2b999a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-2137", "type": "seen", "source": "https://t.me/cibsecurity/46808", "content": "\u203c CVE-2022-2137 \u203c\n\nThe affected product is vulnerable to two SQL injections that require high privileges for exploitation and may allow an unauthorized attacker to disclose information\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-07-22T18:19:37.000000Z"}, {"uuid": "8a663cc8-b865-49a8-8528-0ecd7a168b14", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-21371", "type": "seen", "source": "https://t.me/ctinow/199568", "content": "https://ift.tt/cUZw4Bs\nMars: CVE-2022-21371: Oracle WebLogic Server Local File Inclusion", "creation_timestamp": "2024-03-04T20:56:28.000000Z"}, {"uuid": "09d01e8a-0ebd-4f4a-8491-4f1e44d0df34", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-21375", "type": "seen", "source": "https://t.me/cibsecurity/35798", "content": "\u203c CVE-2022-21375 \u203c\n\nVulnerability in the Oracle Solaris product of Oracle Systems (component: Kernel). The supported version that is affected is 11. Easily exploitable vulnerability allows low privileged attacker with logon to the infrastructure where Oracle Solaris executes to compromise Oracle Solaris. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of Oracle Solaris. CVSS 3.1 Base Score 5.5 (Availability impacts). CVSS Vector: (CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H).\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-01-19T14:31:47.000000Z"}, {"uuid": "60cbc5cc-3e4c-4f13-ba02-f42ebd39ea99", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-21374", "type": "seen", "source": "https://t.me/cibsecurity/35830", "content": "\u203c CVE-2022-21374 \u203c\n\nVulnerability in the MySQL Server product of Oracle MySQL (component: Server: Information Schema). Supported versions that are affected are 8.0.27 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.1 Base Score 4.9 (Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H).\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-01-19T14:38:50.000000Z"}, {"uuid": "131b6d7e-992d-4c08-b2c2-569c178b6b11", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-21377", "type": "seen", "source": "https://t.me/cibsecurity/35824", "content": "\u203c CVE-2022-21377 \u203c\n\nVulnerability in the Primavera Portfolio Management product of Oracle Construction and Engineering (component: Web API). Supported versions that are affected are 18.0.0.0-18.0.3.0, 19.0.0.0-19.0.1.2 and 20.0.0.0. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise Primavera Portfolio Management. Successful attacks require human interaction from a person other than the attacker. Successful attacks of this vulnerability can result in unauthorized update, insert or delete access to some of Primavera Portfolio Management accessible data as well as unauthorized read access to a subset of Primavera Portfolio Management accessible data. CVSS 3.1 Base Score 5.4 (Confidentiality and Integrity impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:N).\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-01-19T14:35:53.000000Z"}, {"uuid": "f060d915-5f97-470a-b7e6-7b64283673d3", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-21378", "type": "seen", "source": "https://t.me/cibsecurity/35810", "content": "\u203c CVE-2022-21378 \u203c\n\nVulnerability in the MySQL Server product of Oracle MySQL (component: Server: Optimizer). Supported versions that are affected are 8.0.27 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server as well as unauthorized update, insert or delete access to some of MySQL Server accessible data. CVSS 3.1 Base Score 5.5 (Integrity and Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:L/A:H).\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-01-19T14:32:05.000000Z"}, {"uuid": "ae66dc26-00b3-40af-9d75-856922291b6a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-21379", "type": "seen", "source": "https://t.me/cibsecurity/35807", "content": "\u203c CVE-2022-21379 \u203c\n\nVulnerability in the MySQL Server product of Oracle MySQL (component: Server: Group Replication Plugin). Supported versions that are affected are 8.0.27 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.1 Base Score 4.9 (Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H).\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-01-19T14:31:58.000000Z"}, {"uuid": "ac23f3b3-949c-4449-8beb-6646776a99f6", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-21371", "type": "published-proof-of-concept", "source": "https://t.me/CyberSecurityTechnologies/5282", "content": "#exploit\n1. CVE-2022-21371:\nOracle WebLogic Server 12.1.3/12.2.1.3/12.2.1.4/14.1.1 \n- Local File Inclusion\nhttps://gist.github.com/picar0jsu/f3e32939153e4ced263d3d0c79bd8786\n\n2. CVE-2021-20038:\nSonicWall SMA-100 Unauth RCE Exploit\nhttps://github.com/jbaines-r7/badblood", "creation_timestamp": "2022-01-26T11:04:01.000000Z"}, {"uuid": "424b77f3-01db-4955-8fad-c82759659e3d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-21370", "type": "seen", "source": "https://t.me/cibsecurity/35847", "content": "\u203c CVE-2022-21370 \u203c\n\nVulnerability in the MySQL Server product of Oracle MySQL (component: Server: Optimizer). Supported versions that are affected are 8.0.27 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.1 Base Score 4.9 (Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H).\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-01-19T14:39:14.000000Z"}, {"uuid": "0e6ab0db-ddde-4ff0-86a0-12747257c7dd", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-21372", "type": "seen", "source": "https://t.me/cibsecurity/35817", "content": "\u203c CVE-2022-21372 \u203c\n\nVulnerability in the MySQL Server product of Oracle MySQL (component: Server: Security: Encryption). Supported versions that are affected are 8.0.27 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a partial denial of service (partial DOS) of MySQL Server. CVSS 3.1 Base Score 2.7 (Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:L).\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-01-19T14:32:12.000000Z"}]}