{"vulnerability": "CVE-2024-4688", "sightings": [{"uuid": "07d19620-36e0-435a-91fc-040d54bf98a3", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-46887", "type": "seen", "source": "https://www.cisa.gov/news-events/ics-advisories/icsa-24-284-10", "content": "", "creation_timestamp": "2024-10-10T12:00:00.000000Z"}, {"uuid": "e5702155-6c46-4e00-ae91-31528854b3c2", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-46886", "type": "seen", "source": "https://www.cisa.gov/news-events/ics-advisories/icsa-24-284-01", "content": "", "creation_timestamp": "2024-10-10T12:00:00.000000Z"}, {"uuid": "60736438-b354-4f40-83fb-859bbb33bc2e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-46881", "type": "seen", "source": "https://infosec.exchange/users/cve/statuses/113893250306639303", "content": "", "creation_timestamp": "2025-01-26T06:31:22.594488Z"}, {"uuid": "31ecf346-d66e-4c91-87d3-7aba15727202", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-46881", "type": "seen", "source": "https://bsky.app/profile/cve-notifications.bsky.social/post/3lgmuwz5fse2f", "content": "", "creation_timestamp": "2025-01-26T07:15:37.352962Z"}, {"uuid": "f999684a-8556-4ade-a05e-70b26bcbd312", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-46886", "type": "seen", "source": "https://t.me/DarkWebInformer_CVEAlerts/1475", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2024-46886\n\ud83d\udd39 Description: The web server of affected devices does not properly validate input that is used for a user redirection. This could allow an attacker to make the server redirect the legitimate user to an attacker-chosen URL. For a successful exploit, the legitimate user must actively click on an attacker-crafted link.\n\ud83d\udccf Published: 2024-10-08T08:40:41.244Z\n\ud83d\udccf Modified: 2025-01-14T10:30:06.676Z\n\ud83d\udd17 References:\n1. https://cert-portal.siemens.com/productcert/html/ssa-876787.html", "creation_timestamp": "2025-01-14T11:08:25.000000Z"}, {"uuid": "ec421047-ba98-47ef-bdfe-466e8bffd4a6", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-46887", "type": "seen", "source": "https://t.me/DarkWebInformer_CVEAlerts/1474", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2024-46887\n\ud83d\udd39 Description: The web server of affected devices do not properly authenticate user request to the '/ClientArea/RuntimeInfoData.mwsl' endpoint. This could allow an unauthenticated remote attacker to gain knowledge about current actual and configured maximum cycle times as well as about configured maximum communication load.\n\ud83d\udccf Published: 2024-10-08T08:40:43.510Z\n\ud83d\udccf Modified: 2025-01-14T10:30:09.314Z\n\ud83d\udd17 References:\n1. https://cert-portal.siemens.com/productcert/html/ssa-054046.html", "creation_timestamp": "2025-01-14T11:08:23.000000Z"}, {"uuid": "7a266406-0768-4318-8420-f8916e4097ca", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-46881", "type": "seen", "source": "https://t.me/DarkWebInformer_CVEAlerts/3124", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2024-46881\n\ud83d\udd25 CVSS Score: N/A\n\ud83d\udd39 Description: No description available\n\ud83d\udccf Published: 2025-01-26T07:15:08.947\n\ud83d\udccf Modified: N/A\n\ud83d\udd17 References:\n1. https://security.gradle.com/advisory/2024-03", "creation_timestamp": "2025-01-26T09:14:38.000000Z"}, {"uuid": "2629b0f4-847a-4aac-88dc-23fda061469a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-46886", "type": "seen", "source": "https://t.me/DarkWebInformer_CVEAlerts/10876", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2024-46886\n\ud83d\udd25 CVSS Score: 4.7 (cvssV3_1, Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:N/I:L/A:N/E:P/RL:O/RC:C)\n\ud83d\udd39 Description: The web server of affected devices does not properly validate input that is used for a user redirection. This could allow an attacker to make the server redirect the legitimate user to an attacker-chosen URL. For a successful exploit, the legitimate user must actively click on an attacker-crafted link.\n\ud83d\udccf Published: 2024-10-08T08:40:41.244Z\n\ud83d\udccf Modified: 2025-04-08T08:22:17.262Z\n\ud83d\udd17 References:\n1. https://cert-portal.siemens.com/productcert/html/ssa-876787.html", "creation_timestamp": "2025-04-08T08:46:39.000000Z"}, {"uuid": "a65260bd-0e13-4cad-9e2a-362339b7ae93", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-46887", "type": "seen", "source": "https://t.me/DarkWebInformer_CVEAlerts/10875", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2024-46887\n\ud83d\udd25 CVSS Score: 5.3 (cvssV3_1, Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N/E:P/RL:O/RC:C)\n\ud83d\udd39 Description: The web server of affected devices do not properly authenticate user request to the '/ClientArea/RuntimeInfoData.mwsl' endpoint. This could allow an unauthenticated remote attacker to gain knowledge about current actual and configured maximum cycle times as well as about configured maximum communication load.\n\ud83d\udccf Published: 2024-10-08T08:40:43.510Z\n\ud83d\udccf Modified: 2025-04-08T08:22:19.997Z\n\ud83d\udd17 References:\n1. https://cert-portal.siemens.com/productcert/html/ssa-054046.html", "creation_timestamp": "2025-04-08T08:46:39.000000Z"}, {"uuid": "4a8d8fd2-e107-4b4d-8229-a1fbc1c0813c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-46889", "type": "seen", "source": "https://t.me/cvedetector/10610", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2024-46889 - SINEC INS Crypto Key Material Disclosure\", \n  \"Content\": \"CVE ID : CVE-2024-46889 \nPublished : Nov. 12, 2024, 1:15 p.m. | 21\u00a0minutes ago \nDescription : A vulnerability has been identified in SINEC INS (All versions < V1.0 SP2 Update 3). The affected application uses hard-coded cryptographic key material to obfuscate configuration files. This could allow an attacker to learn that cryptographic key material through reverse engineering of the application binary and decrypt arbitrary backup files. \nSeverity: 5.3 | MEDIUM \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"12 Nov 2024\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2024-11-12T14:41:46.000000Z"}, {"uuid": "fd4e6eff-5cdc-4ff4-b919-745094ff21f4", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-4688", "type": "seen", "source": "Telegram/wLTEsbk-i3gdE-bTC8ToFixpb3eKiE1svUJWQcpaLRWfqoxA", "content": "", "creation_timestamp": "2025-02-19T22:21:29.000000Z"}, {"uuid": "df375779-3a38-49b1-9183-446c7578b65a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-46881", "type": "seen", "source": "https://t.me/DarkWebInformer_CVEAlerts/3127", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: GHSA-cw76-h7wr-rh77\n\ud83d\udd25 CVSS Score: N/A (CVSS_V3)\n\ud83d\udd39 Description: Develocity (formerly Gradle Enterprise) before 2024.1.8 has Incorrect Access Control. Project-level access control configuration was introduced in Enterprise Config schema version 8. Migration functionality from schema version 8 to versions 9 and 10 (in affected vulnerable versions) does not include the projects section of the configuration. This leads to all of the project settings being reset to their defaults when the old schema is loaded. In the case of projects.enabled, the default is false. Thus, using an enterprise config v8 results in Project level access control being disabled, even if it was previously enabled, and previously restricted project information disclosed. Most commonly, this occurs when a Develocity instance is upgraded from an earlier version. Specifically, this occurs if: Develocity 2023.3.X is upgraded to 2023.4.X; Develocity 2023.3.X is upgraded to 2024.1.X up to and including 2024.1.7; or Develocity 2023.4.X is upgraded to 2024.1.X up to and including 2024.1.7. The flaw does not occur when upgrading to a fixed version. An upgrade can only be triggered via administrator access, and cannot be forced by an external attacker.\n\ud83d\udccf Published: 2025-01-26T09:30:32Z\n\ud83d\udccf Modified: 2025-01-26T09:30:32Z\n\ud83d\udd17 References:\n1. https://nvd.nist.gov/vuln/detail/CVE-2024-46881\n2. https://security.gradle.com/advisory/2024-03", "creation_timestamp": "2025-01-26T10:06:15.000000Z"}, {"uuid": "606c30f9-5121-44e5-b1b3-e6c252399ff8", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-46887", "type": "seen", "source": "https://t.me/DarkWebInformer_CVEAlerts/7124", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2024-46887\n\ud83d\udd25 CVSS Score: 5.3 (cvssV3_1, Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N/E:P/RL:O/RC:C)\n\ud83d\udd39 Description: The web server of affected devices do not properly authenticate user request to the '/ClientArea/RuntimeInfoData.mwsl' endpoint. This could allow an unauthenticated remote attacker to gain knowledge about current actual and configured maximum cycle times as well as about configured maximum communication load.\n\ud83d\udccf Published: 2024-10-08T08:40:43.510Z\n\ud83d\udccf Modified: 2025-03-11T09:47:55.985Z\n\ud83d\udd17 References:\n1. https://cert-portal.siemens.com/productcert/html/ssa-054046.html", "creation_timestamp": "2025-03-11T10:39:07.000000Z"}, {"uuid": "8fb1c360-ba8f-4d53-87f1-6a9c1d54a1f9", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-46881", "type": "seen", "source": "https://t.me/cvedetector/16405", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2024-46881 - Develocity Gradle Enterprise Incorrect Access Control\", \n  \"Content\": \"CVE ID : CVE-2024-46881 \nPublished : Jan. 26, 2025, 7:15 a.m. | 37\u00a0minutes ago \nDescription : Develocity (formerly Gradle Enterprise) before 2024.1.8 has Incorrect Access Control. Project-level access control configuration was introduced in Enterprise Config schema version 8. Migration functionality from schema version 8 to versions 9 and 10 (in affected vulnerable versions) does not include the projects section of the configuration. This leads to all of the project settings being reset to their defaults when the old schema is loaded. In the case of projects.enabled, the default is false. Thus, using an enterprise config v8 results in Project level access control being disabled, even if it was previously enabled, and previously restricted project information disclosed. Most commonly, this occurs when a Develocity instance is upgraded from an earlier version. Specifically, this occurs if: Develocity 2023.3.X is upgraded to 2023.4.X; Develocity 2023.3.X is upgraded to 2024.1.X up to and including 2024.1.7; or Develocity 2023.4.X is upgraded to 2024.1.X up to and including 2024.1.7. The flaw does not occur when upgrading to a fixed version. An upgrade can only be triggered via administrator access, and cannot be forced by an external attacker. \nSeverity: 7.1 | HIGH \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"26 Jan 2025\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2025-01-26T09:03:11.000000Z"}, {"uuid": "3ce385cf-4100-41fb-8f2b-416aebd1a24a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-46888", "type": "seen", "source": "https://t.me/cvedetector/10615", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2024-46888 - SINEC INS SFTP Path Manipulation Remote Code Execution Vulnerability\", \n  \"Content\": \"CVE ID : CVE-2024-46888 \nPublished : Nov. 12, 2024, 1:15 p.m. | 21\u00a0minutes ago \nDescription : A vulnerability has been identified in SINEC INS (All versions < V1.0 SP2 Update 3). The affected application does not properly sanitize user provided paths for SFTP-based file up- and downloads. This could allow an authenticated remote attacker to manipulate arbitrary files on the filesystem and achieve arbitrary code execution on the device. \nSeverity: 9.9 | CRITICAL \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"12 Nov 2024\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2024-11-12T14:41:53.000000Z"}, {"uuid": "f62b0b85-9ea3-44d7-8947-04c85041d659", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-46887", "type": "seen", "source": "https://t.me/cvedetector/7342", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2024-46887 - Eaton Power Xplorer Unauthenticated Information Disclosure\", \n  \"Content\": \"CVE ID : CVE-2024-46887 \nPublished : Oct. 8, 2024, 9:15 a.m. | 42\u00a0minutes ago \nDescription : The web server of affected devices do not properly authenticate user request to the '/ClientArea/RuntimeInfoData.mwsl' endpoint. This could allow an unauthenticated remote attacker to gain knowledge about current actual and configured maximum cycle times as well as about configured maximum communication load. \nSeverity: 5.3 | MEDIUM \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"08 Oct 2024\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2024-10-08T12:02:20.000000Z"}, {"uuid": "fdfda214-f6e4-4a3a-a593-ac489f9f857a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-46886", "type": "seen", "source": "https://t.me/cvedetector/7341", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2024-46886 - \"WordPress Open Redirect Vulnerability\"\", \n  \"Content\": \"CVE ID : CVE-2024-46886 \nPublished : Oct. 8, 2024, 9:15 a.m. | 42\u00a0minutes ago \nDescription : The web server of affected devices does not properly validate input that is used for a user redirection. This could allow an attacker to make the server redirect the legitimate user to an attacker-chosen URL. For a successful exploit, the legitimate user must actively click on an attacker-crafted link. \nSeverity: 4.7 | MEDIUM \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"08 Oct 2024\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2024-10-08T12:02:17.000000Z"}, {"uuid": "05ca9963-1271-43f3-a42b-69d45de42a3b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-46889", "type": "seen", "source": "https://infosec.exchange/users/cve/statuses/113470191442066903", "content": "", "creation_timestamp": "2024-11-12T13:21:56.859488Z"}, {"uuid": "fcd8dfd2-bca2-407d-9f71-cb16a03d7d57", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-46888", "type": "seen", "source": "https://infosec.exchange/users/cve/statuses/113470191407753691", "content": "", "creation_timestamp": "2024-11-12T13:21:56.476968Z"}, {"uuid": "70c79a3e-73db-4b60-8aa6-869fc602aeac", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-46888", "type": "seen", "source": "https://www.cisa.gov/news-events/ics-advisories/icsa-24-319-08", "content": "", "creation_timestamp": "2024-11-14T12:00:00.000000Z"}, {"uuid": "8dc1895a-e8df-4a7b-b5e1-889c1482506b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-46889", "type": "seen", "source": "https://www.cisa.gov/news-events/ics-advisories/icsa-24-319-08", "content": "", "creation_timestamp": "2024-11-14T12:00:00.000000Z"}, {"uuid": "2d88b28c-aac0-4a15-bbea-6242c6eefd11", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-46881", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3lgmzfl6m5z2w", "content": "", "creation_timestamp": "2025-01-26T08:35:24.244651Z"}, {"uuid": "2467d3a3-8711-419d-9be7-3c39987ef47c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-46886", "type": "seen", "source": "https://t.me/DarkWebInformer_CVEAlerts/7125", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2024-46886\n\ud83d\udd25 CVSS Score: 4.7 (cvssV3_1, Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:N/I:L/A:N/E:P/RL:O/RC:C)\n\ud83d\udd39 Description: The web server of affected devices does not properly validate input that is used for a user redirection. This could allow an attacker to make the server redirect the legitimate user to an attacker-chosen URL. For a successful exploit, the legitimate user must actively click on an attacker-crafted link.\n\ud83d\udccf Published: 2024-10-08T08:40:41.244Z\n\ud83d\udccf Modified: 2025-03-11T09:47:53.656Z\n\ud83d\udd17 References:\n1. https://cert-portal.siemens.com/productcert/html/ssa-876787.html", "creation_timestamp": "2025-03-11T10:39:08.000000Z"}]}