{"vulnerability": "CVE-2023-3120", "sightings": [{"uuid": "02db1ba7-22e0-4221-b584-e35e5795bf77", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-31208", "type": "seen", "source": "https://t.me/cibsecurity/64305", "content": "\u203c CVE-2023-31208 \u203c\n\nImproper neutralization of livestatus command delimiters in the RestAPI in Checkmk < 2.0.0p36, < 2.1.0p28, and < 2.2.0b8 (beta) allows arbitrary livestatus command execution for authorized users.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-05-27T21:22:17.000000Z"}, {"uuid": "340d4bb0-a2e6-4649-b05d-bdce992273b5", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-31206", "type": "published-proof-of-concept", "source": "https://t.me/cibsecurity/64536", "content": "\u203c CVE-2023-31206 \u203c\n\nExposure of Resource to Wrong Sphere Vulnerability in Apache Software Foundation Apache InLong.This issue affects Apache InLong: from 1.4.0 through 1.6.0.\u00c2\u00a0Attackers can change the immutable name and type of nodes of InLong. Users are advised to upgrade to Apache InLong's 1.7.0 or cherry-pick [1] to solve it. [1] https://cveprocess.apache.org/cve5/[1]%C2%A0https://github.com/apache/inlong/pull/7891 https://github.com/apache/inlong/pull/7891 https://github.com/apache/inlong/pull/7891\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-05-22T18:24:40.000000Z"}, {"uuid": "f7adfbf7-5a3f-4688-849a-b10d6dec7f8a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-31200", "type": "seen", "source": "https://t.me/DarkWebInformer_CVEAlerts/258", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2023-31200\n\ud83d\udd39 Description: \n\n\n\n\nPTC Vuforia Studio does not require a token; this could allow an \nattacker with local access to perform a cross-site request forgery \nattack or a replay attack.\n\n\n\ud83d\udccf Published: 2023-06-07T21:52:29.300Z\n\ud83d\udccf Modified: 2025-01-06T20:57:59.055Z\n\ud83d\udd17 References:\n1. https://https://www.cisa.gov/news-events/ics-advisories/icsa-23-131-13", "creation_timestamp": "2025-01-06T21:38:49.000000Z"}, {"uuid": "0e744d0a-a0b9-4c00-8cad-b9d087ffd3df", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-31209", "type": "seen", "source": "https://t.me/cibsecurity/68177", "content": "\u203c CVE-2023-31209 \u203c\n\nImproper neutralization of active check command arguments in Checkmk < 2.1.0p32, < 2.0.0p38, < 2.2.0p4 leads to arbitrary command execution for authenticated users.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-08-10T12:15:38.000000Z"}, {"uuid": "e9e92a40-fbfc-4708-a843-d19ebe05ed70", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-31200", "type": "seen", "source": "https://t.me/cibsecurity/65059", "content": "\u203c CVE-2023-31200 \u203c\n\nPTC Vuforia Studio does not require a token; this could allow an attacker with local access to perform a cross-site request forgery attack or a replay attack.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-06-08T03:19:24.000000Z"}]}