{"vulnerability": "CVE-2022-2323", "sightings": [{"uuid": "a98255e4-734e-4bd5-ab16-d02cde44dc76", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2022-2323", "type": "seen", "source": "https://t.me/cibsecurity/47297", "content": "\u203c CVE-2022-2323 \u203c\n\nImproper neutralization of special elements used in a user input allows an authenticated malicious user to perform remote code execution in the host system. This vulnerability impacts SonicWall Switch 1.1.1.0-2s and earlier versions\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-07-30T00:13:52.000000Z"}, {"uuid": "4652b028-5fd2-4032-a457-83eba2c093b5", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2022-23237", "type": "seen", "source": "https://t.me/cibsecurity/43701", "content": "\u203c CVE-2022-23237 \u203c\n\nE-Series SANtricity OS Controller Software 11.x versions through 11.70.2 are vulnerable to host header injection attacks that could allow an attacker to redirect users to malicious websites.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-06-02T18:38:36.000000Z"}, {"uuid": "7c122bf6-61ea-4b14-b77c-cfc5ea2a78ce", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2022-23236", "type": "seen", "source": "https://t.me/cibsecurity/43683", "content": "\u203c CVE-2022-23236 \u203c\n\nE-Series SANtricity OS Controller Software versions 11.40 through 11.70.2 store the LDAP BIND password in plaintext within a file accessible only to privileged users.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-06-02T18:35:38.000000Z"}, {"uuid": "f3967cb2-acf7-4069-b93e-e7aa702569db", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2022-23232", "type": "seen", "source": "https://t.me/cibsecurity/38450", "content": "\u203c CVE-2022-23232 \u203c\n\nStorageGRID (formerly StorageGRID Webscale) versions prior to 11.6.0 are susceptible to a vulnerability which when successfully exploited could allow disabled, expired, or locked external user accounts to access S3 data to which they previously had access. StorageGRID 11.6.0 obtains the user account status from Active Directory or Azure and will block S3 access for disabled user accounts during the subsequent background synchronization. User accounts that are expired or locked for Active Directory or Azure, or user accounts that are disabled, expired, or locked in identity sources other than Active Directory or Azure must be manually removed from group memberships or have their S3 keys manually removed from Tenant Manager in all versions of StorageGRID (formerly StorageGRID Webscale).\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-03-04T20:30:17.000000Z"}, {"uuid": "d8358432-56ad-4ae4-98b6-8682625f234b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2022-23233", "type": "seen", "source": "https://t.me/cibsecurity/38444", "content": "\u203c CVE-2022-23233 \u203c\n\nStorageGRID (formerly StorageGRID Webscale) versions prior to 11.6.0 are susceptible to a vulnerability which when successfully exploited could lead to Denial of Service (DoS) of the Local Distribution Router (LDR) service.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-03-04T20:30:07.000000Z"}]}