{"vulnerability": "CVE-2024-4693", "sightings": [{"uuid": "89e79fd8-e5b7-477e-ab74-118212c5c033", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-46933", "type": "seen", "source": "https://t.me/cvedetector/18592", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2024-46933 - Atos Eviden BullSequana XH2140 BMC Privilege Escalation Denial of Service\", \n  \"Content\": \"CVE ID : CVE-2024-46933 \nPublished : Feb. 20, 2025, 6:15 p.m. | 1\u00a0hour, 21\u00a0minutes ago \nDescription : An issue was discovered in Atos Eviden BullSequana XH2140 BMC before C4EM-125: OMF_C4E 101.05.0014. Some BullSequana XH products were shipped without proper hardware programming, leading to a potential denial-of-service with privileged access. \nSeverity: 7.7 | HIGH \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"20 Feb 2025\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2025-02-20T20:41:29.000000Z"}, {"uuid": "feced302-2542-40be-836f-7b9e81fb9408", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-46937", "type": "seen", "source": "https://t.me/cvedetector/5722", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2024-46937 - MFASOFT Secure Authentication Server (SAS) IDOR Vulnerability\", \n  \"Content\": \"CVE ID : CVE-2024-46937 \nPublished : Sept. 16, 2024, 1:15 p.m. | 41\u00a0minutes ago \nDescription : An improper access control (IDOR) vulnerability in the /api-selfportal/get-info-token-properties endpoint in MFASOFT Secure Authentication Server (SAS) 1.8.x through 1.9.x before 1.9.040924 allows remote attackers gain access to user tokens without authentication. The is a brute-force attack on the serial parameter by number identifier: GA00001, GA00002, GA00003, etc. \nSeverity: 0.0 | NA \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"16 Sep 2024\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2024-09-16T16:11:41.000000Z"}, {"uuid": "34928649-66ef-4f6f-b375-193fee304889", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-46938", "type": "seen", "source": "https://t.me/cvedetector/5700", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2024-46938 - Sitecore File Disclosure Vulnerability\", \n  \"Content\": \"CVE ID : CVE-2024-46938 \nPublished : Sept. 15, 2024, 10:15 p.m. | 43\u00a0minutes ago \nDescription : An issue was discovered in Sitecore Experience Platform (XP), Experience Manager (XM), and Experience Commerce (XC) 8.0 Initial Release through 10.4 Initial Release. An unauthenticated attacker can read arbitrary files. \nSeverity: 0.0 | NA \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"16 Sep 2024\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2024-09-16T01:08:32.000000Z"}, {"uuid": "3880569f-a15b-4f97-afea-93406f39f5a6", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-46938", "type": "seen", "source": "https://infosec.exchange/users/dragonjar/statuses/113526260681347063", "content": "", "creation_timestamp": "2024-11-22T11:01:06.031919Z"}, {"uuid": "905b5ccf-521a-4625-b277-351183fd4b8c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-46938", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2025-07-24)", "content": "", "creation_timestamp": "2025-07-24T00:00:00.000000Z"}, {"uuid": "679d6a20-e481-4cd7-b9b3-1b247b56e534", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-46933", "type": "seen", "source": "https://t.me/DarkWebInformer_CVEAlerts/4805", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2024-46933\n\ud83d\udd25 CVSS Score: 7.7 (cvssV3_1, Vector: CVSS:3.1/AC:H/AV:N/A:H/C:N/I:H/PR:H/S:C/UI:N)\n\ud83d\udd39 Description: An issue was discovered in Atos Eviden BullSequana XH2140 BMC before C4EM-125: OMF_C4E 101.05.0014. Some BullSequana XH products were shipped without proper hardware programming, leading to a potential denial-of-service with privileged access.\n\ud83d\udccf Published: 2025-02-20T00:00:00.000Z\n\ud83d\udccf Modified: 2025-02-20T18:37:57.102Z\n\ud83d\udd17 References:\n1. https://eviden.com\n2. https://support.bull.com/ols/product/security/psirt/security-bulletins/ast2600-left-unconfigured-in-bullsequana-xh2140-psirt-270-tlp-clear-version-2-7-cve-2024-46933/view", "creation_timestamp": "2025-02-20T19:49:36.000000Z"}, {"uuid": "b320cfd9-8c64-4b96-8559-25a36be8c3df", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-46938", "type": "confirmed", "source": "https://github.com/projectdiscovery/nuclei-templates/tree/main/http/cves/2024/CVE-2024-46938.yaml", "content": "", "creation_timestamp": "2024-11-22T12:17:30.000000Z"}, {"uuid": "1ff919b0-efea-46bb-a3c4-d6701ace5868", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-46939", "type": "seen", "source": "https://infosec.exchange/users/cve/statuses/113558506207465195", "content": "", "creation_timestamp": "2024-11-28T03:41:33.593150Z"}]}