{"vulnerability": "CVE-2022-2237", "sightings": [{"uuid": "b8146e56-972b-4c53-b189-776d207615fc", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2022-22374", "type": "seen", "source": "https://t.me/cibsecurity/39508", "content": "\u203c CVE-2022-22374 \u203c\n\nThe BMC (IBM Power 9 AC922 OP910, OP920, OP930, and OP940) may be subject to downgrade attack which may affect its ability to operate its host. IBM X-Force ID: 221442.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-03-24T21:29:49.000000Z"}, {"uuid": "6a813535-d8d9-443b-b8ed-1fd23a9d2c87", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2022-2237", "type": "seen", "source": "https://t.me/DarkWebInformer_CVEAlerts/5226", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2022-2237\n\ud83d\udd25 CVSS Score: N/A\n\ud83d\udd39 Description: A flaw was found in the Keycloak Node.js Adapter. This flaw allows an attacker to benefit from an Open Redirect vulnerability in the checkSso function.\n\ud83d\udccf Published: 2023-03-27T00:00:00.000Z\n\ud83d\udccf Modified: 2025-02-24T19:15:29.345Z\n\ud83d\udd17 References:\n1. https://bugzilla.redhat.com/show_bug.cgi?id=2097007", "creation_timestamp": "2025-02-24T20:22:35.000000Z"}, {"uuid": "0e3e35dc-a278-4ed2-bcc2-260004d7eb48", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2022-22377", "type": "seen", "source": "https://t.me/cibsecurity/72398", "content": "\u203c CVE-2022-22377 \u203c\n\nIBM Security Verify Privilege On-Premises 11.5 could allow a remote attacker to obtain sensitive information, caused by the failure to properly enable HTTP Strict Transport Security. An attacker could exploit this vulnerability to obtain sensitive information using man in the middle techniques. IBM X-Force ID: 221827.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-10-17T07:32:36.000000Z"}, {"uuid": "515f5b32-9973-4715-a412-893b2854da7d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2022-22375", "type": "seen", "source": "https://t.me/cibsecurity/72408", "content": "\u203c CVE-2022-22375 \u203c\n\nIBM Security Verify Privilege On-Premises 11.5 could allow a remote authenticated attacker to execute arbitrary commands on the system by sending a specially crafted request. IBM X-Force ID: 221681.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-10-17T07:32:47.000000Z"}, {"uuid": "a62a903e-93c7-490b-a127-1b77dea7680c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2022-22370", "type": "seen", "source": "https://t.me/cibsecurity/45831", "content": "\u203c CVE-2022-22370 \u203c\n\nIBM Security Verify Access 10.0.0.0, 10.0.1.0, 10.0.2.0, and 10.0.3.0 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 221194.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-07-08T22:18:33.000000Z"}]}