{"vulnerability": "cve-2022-2315", "sightings": [{"uuid": "6819c3e5-4500-4cf3-91ff-d3e68f4cf83d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2022-23155", "type": "seen", "source": "https://t.me/cibsecurity/40022", "content": "\u203c CVE-2022-23155 \u203c\n\nDell Wyse Management Suite versions 2.0 through 3.5.2 contain an unrestricted file upload vulnerability. A malicious user with admin privileges can exploit this vulnerability in order to execute arbitrary code on the system.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-04-02T00:19:59.000000Z"}, {"uuid": "b17b8dfa-54f1-4576-a1c3-e0603e58acef", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2022-23156", "type": "seen", "source": "https://t.me/cibsecurity/40021", "content": "\u203c CVE-2022-23156 \u203c\n\nWyse Device Agent version 14.6.1.4 and below contain an Improper Authentication vulnerability. A malicious user could potentially exploit this vulnerability by providing invalid input in order to obtain a connection to WMS server.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-04-02T00:19:57.000000Z"}, {"uuid": "a9046e6b-f234-4466-8031-c2ff9435f6b6", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2022-2315", "type": "seen", "source": "https://t.me/cibsecurity/50180", "content": "\u203c CVE-2022-2315 \u203c\n\nDatabase Software Accreditation Tracking/Presentation Module product before version 2 has an unauthenticated SQL Injection vulnerability. This is fixed in version 2.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-09-21T12:40:41.000000Z"}, {"uuid": "8f3575f6-34e2-45aa-9b78-00a73cac6967", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2022-23159", "type": "seen", "source": "https://t.me/cibsecurity/40668", "content": "\u203c CVE-2022-23159 \u203c\n\nDell PowerScale OneFS, 8.2.2 - 9.3.0.x, contain a missing release of memory after effective lifetime vulnerability. An authenticated user with ISI_PRIV_LOGIN_SSH and/or ISI_PRIV_LOGIN_CONSOLE and ISI_PRIV_AUTH_PROVIDERS privileges could exploit this vulnerability, leading to a Denial-Of-Service. This can also impact a cluster in Compliance mode. Dell recommends to update at the earliest opportunity.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-04-12T22:17:08.000000Z"}, {"uuid": "cc657bed-c027-41ef-ad9e-dd1e2475bdb4", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2022-23157", "type": "seen", "source": "https://t.me/cibsecurity/40018", "content": "\u203c CVE-2022-23157 \u203c\n\nWyse Device Agent version 14.6.1.4 and below contain a sensitive data exposure vulnerability. A authenticated malicious user could potentially exploit this vulnerability in order to view sensitive information from the WMS Server.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-04-02T00:19:54.000000Z"}, {"uuid": "a6648221-5382-4c08-b70f-86286311a6d0", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2022-23158", "type": "seen", "source": "https://t.me/cibsecurity/40017", "content": "\u203c CVE-2022-23158 \u203c\n\nWyse Device Agent version 14.6.1.4 and below contain a sensitive data exposure vulnerability. A local authenticated user with standard privilege could potentially exploit this vulnerability and provide incorrect port information and get connected to valid WMS server\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-04-02T00:19:53.000000Z"}]}