{"vulnerability": "cve-2024-3514", "sightings": [{"uuid": "4ef98dc6-e8db-472b-90f5-2960efb03c01", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-35146", "type": "seen", "source": "https://infosec.exchange/users/cve/statuses/113436462739751471", "content": "", "creation_timestamp": "2024-11-06T14:24:18.277439Z"}, {"uuid": "42c66f8d-ab70-40f3-bb8d-ca24a1ac1012", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-35141", "type": "seen", "source": "https://infosec.exchange/users/cve/statuses/113676926137621561", "content": "", "creation_timestamp": "2024-12-19T01:37:17.924280Z"}, {"uuid": "16b16e11-304d-423b-9107-87e25f96475c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-35145", "type": "seen", "source": "https://infosec.exchange/users/cve/statuses/113889455663072787", "content": "", "creation_timestamp": "2025-01-25T14:26:20.923444Z"}, {"uuid": "0cefb69d-606a-46c6-8ab9-1988fc85e147", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-35144", "type": "seen", "source": "https://infosec.exchange/users/cve/statuses/113889477616794962", "content": "", "creation_timestamp": "2025-01-25T14:31:55.977342Z"}, {"uuid": "c156fdb9-16da-4259-9591-b8f604d66812", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-35148", "type": "seen", "source": "https://infosec.exchange/users/cve/statuses/113889477632274834", "content": "", "creation_timestamp": "2025-01-25T14:31:56.185592Z"}, {"uuid": "a672f2bb-8ef7-4dd4-af04-62894df09a65", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-35145", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3lglk72p5me2y", "content": "", "creation_timestamp": "2025-01-25T18:30:36.904007Z"}, {"uuid": "d64b5917-865d-4f32-bdc5-e7a8e08e7bb0", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-35148", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3lglk734nau2y", "content": "", "creation_timestamp": "2025-01-25T18:30:38.732667Z"}, {"uuid": "be4ea79b-ca8f-4cfb-b548-19b751e45ff7", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-35144", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3lglk73nflx25", "content": "", "creation_timestamp": "2025-01-25T18:30:41.321259Z"}, {"uuid": "ff227f3d-264f-416f-8426-01f798894c9b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-35145", "type": "seen", "source": "MISP/d0bda5d9-8cbc-4c6c-8803-a5e3150f9ec2", "content": "", "creation_timestamp": "2025-09-01T19:03:03.000000Z"}, {"uuid": "ab56908f-ad39-471c-848c-de25808394bc", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-35144", "type": "seen", "source": "https://t.me/DarkWebInformer_CVEAlerts/3106", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: GHSA-3785-m3x6-8q8c\n\ud83d\udd25 CVSS Score: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N\n\ud83d\udd39 Description: IBM Maximo Application Suite 8.10, 8.11, and 9.0 - Monitor Component stores source code on the web server that could aid in further attacks against the system.\n\ud83d\udccf Published: 2025-01-25T15:30:31Z\n\ud83d\udccf Modified: 2025-01-25T15:30:31Z\n\ud83d\udd17 References:\n1. https://nvd.nist.gov/vuln/detail/CVE-2024-35144\n2. https://www.ibm.com/support/pages/node/7174953", "creation_timestamp": "2025-01-25T17:06:23.000000Z"}, {"uuid": "381a3f2f-43db-4eca-9eee-b8b2c397608b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-35145", "type": "seen", "source": "https://t.me/DarkWebInformer_CVEAlerts/3087", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2024-35145\n\ud83d\udd39 Description: IBM Maximo Application Suite 9.0.0 - Monitor Component is vulnerable to cross-site scripting. This vulnerability allows an unauthenticated attacker to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session.\n\ud83d\udccf Published: 2025-01-25T14:21:59.951Z\n\ud83d\udccf Modified: 2025-01-25T14:21:59.951Z\n\ud83d\udd17 References:\n1. https://www.ibm.com/support/pages/node/7174956", "creation_timestamp": "2025-01-25T15:05:06.000000Z"}, {"uuid": "284cb351-feb7-44cb-bfab-a037a8dd265b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-35148", "type": "seen", "source": "https://t.me/DarkWebInformer_CVEAlerts/3086", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2024-35148\n\ud83d\udd39 Description: IBM Maximo Application Suite 8.10.10, 8.11.7, and 9.0 - Monitor Component is vulnerable to SQL injection. A remote attacker could send specially crafted SQL statements, which could allow the attacker to view, add, modify or delete information in the back-end database.\n\ud83d\udccf Published: 2025-01-25T14:28:16.353Z\n\ud83d\udccf Modified: 2025-01-25T14:28:16.353Z\n\ud83d\udd17 References:\n1. https://www.ibm.com/support/pages/node/7174952", "creation_timestamp": "2025-01-25T15:05:06.000000Z"}, {"uuid": "8179db5f-b11c-47d9-ac8c-25f2ea2c6531", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-35144", "type": "seen", "source": "https://t.me/DarkWebInformer_CVEAlerts/3085", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2024-35144\n\ud83d\udd39 Description: IBM Maximo Application Suite 8.10, 8.11, and 9.0 - Monitor Component stores source code on the web server that could aid in further attacks against the system.\n\ud83d\udccf Published: 2025-01-25T14:24:56.824Z\n\ud83d\udccf Modified: 2025-01-25T14:28:35.023Z\n\ud83d\udd17 References:\n1. https://www.ibm.com/support/pages/node/7174953", "creation_timestamp": "2025-01-25T15:05:05.000000Z"}, {"uuid": "92c464bf-2279-47d3-a0f8-5a60c48dbb9d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-35148", "type": "seen", "source": "https://t.me/cvedetector/16400", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2024-35148 - IBM Maximo Application Suite SQL Injection\", \n  \"Content\": \"CVE ID : CVE-2024-35148 \nPublished : Jan. 25, 2025, 3:15 p.m. | 2\u00a0hours, 11\u00a0minutes ago \nDescription : IBM Maximo Application Suite 8.10.10, 8.11.7, and 9.0 - Monitor Component is vulnerable to SQL injection. A remote attacker could send specially crafted SQL statements, which could allow the attacker to view, add, modify or delete information in the back-end database. \nSeverity: 6.3 | MEDIUM \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"25 Jan 2025\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2025-01-25T18:50:36.000000Z"}, {"uuid": "97ed92e4-3a67-45c6-9dbf-806b3f07c928", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-35145", "type": "seen", "source": "https://t.me/cvedetector/16399", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2024-35145 - IBM Maximo Application Suite Cross-Site Scripting Vulnerability\", \n  \"Content\": \"CVE ID : CVE-2024-35145 \nPublished : Jan. 25, 2025, 3:15 p.m. | 2\u00a0hours, 11\u00a0minutes ago \nDescription : IBM Maximo Application Suite 9.0.0 - Monitor Component is vulnerable to cross-site scripting. This vulnerability allows an unauthenticated attacker to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. \nSeverity: 6.1 | MEDIUM \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"25 Jan 2025\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2025-01-25T18:50:35.000000Z"}, {"uuid": "dc48ac16-a4ce-4d89-b7d7-b000fee8d195", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-35144", "type": "seen", "source": "https://t.me/cvedetector/16402", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2024-35144 - IBM Maximo Application Suite Source Code Exposure Weakness\", \n  \"Content\": \"CVE ID : CVE-2024-35144 \nPublished : Jan. 25, 2025, 3:15 p.m. | 2\u00a0hours, 11\u00a0minutes ago \nDescription : IBM Maximo Application Suite 8.10, 8.11, and 9.0 - Monitor Component stores source code on the web server that could aid in further attacks against the system. \nSeverity: 5.3 | MEDIUM \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"25 Jan 2025\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2025-01-25T18:50:38.000000Z"}, {"uuid": "f9da0a31-49c9-4f76-8ae6-19cea8c88304", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-35143", "type": "seen", "source": "https://t.me/cvedetector/2413", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2024-35143 - IBM Planning Analytics MongoDB Unauthenticated Access Vulnerability\", \n  \"Content\": \"CVE ID : CVE-2024-35143 \nPublished : Aug. 4, 2024, 1:15 p.m. | 42\u00a0minutes ago \nDescription : IBM Planning Analytics Local 2.0 and 2.1 connects to a MongoDB server. MongoDB, a document-oriented database system, is listening on the remote port, and it is configured to allow connections without password authentication. A remote attacker can gain unauthorized access to the database.  IBM X-Force ID:  292420. \nSeverity: 6.7 | MEDIUM \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"04 Aug 2024\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2024-08-04T16:09:59.000000Z"}, {"uuid": "62a4905f-50f9-425a-9785-ac9fdd714c4b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-35141", "type": "seen", "source": "https://t.me/cvedetector/13298", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2024-35141 - IBM Security Verify Access Privilege Escalation\", \n  \"Content\": \"CVE ID : CVE-2024-35141 \nPublished : Dec. 19, 2024, 2:15 a.m. | 40\u00a0minutes ago \nDescription : IBM Security Verify Access Docker 10.0.0 through 10.0.6 could allow a local user to escalate their privileges due to execution of unnecessary privileges. \nSeverity: 7.8 | HIGH \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"19 Dec 2024\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2024-12-19T03:55:45.000000Z"}, {"uuid": "6e8c9242-4dda-49b2-b4d8-fa822975fa2f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-35146", "type": "seen", "source": "https://t.me/cvedetector/10009", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2024-35146 - IBM Maximo Application Suite - Monitor Component Cross-Site Scripting\", \n  \"Content\": \"CVE ID : CVE-2024-35146 \nPublished : Nov. 6, 2024, 3:15 p.m. | 15\u00a0minutes ago \nDescription : IBM Maximo Application Suite - Monitor Component 8.10.11, 8.11.8, and 9.0.0 is vulnerable to cross-site scripting. This vulnerability allows an unauthenticated attacker to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. \nSeverity: 5.4 | MEDIUM \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"06 Nov 2024\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2024-11-06T16:40:08.000000Z"}, {"uuid": "7d0485a4-a671-4973-891c-d65b4a488620", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-35141", "type": "seen", "source": "Telegram/teakle-5LxWfDGJ0hmwz-MTslVc-rKgu53w0zX_D4rcfOJq6", "content": "", "creation_timestamp": "2025-01-30T02:17:48.000000Z"}]}