{"vulnerability": "cve-2022-4392", "sightings": [{"uuid": "be54ee82-55f7-40aa-9551-e78a059b9412", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2022-43922", "type": "seen", "source": "https://t.me/cibsecurity/57331", "content": "\u203c CVE-2022-43922 \u203c\n\nIBM App Connect Enterprise Certified Container 4.1, 4.2, 5.0, 5.1, 5.2, 6.0, 6.1, and 6.2 could disclose sensitive information to an attacker due to a weak hash of an API Key in the configuration. IBM X-Force ID: 241583.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-02-01T20:14:31.000000Z"}, {"uuid": "2acd08f8-3c43-4243-adc1-73c15e5a95a5", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2022-43929", "type": "seen", "source": "https://t.me/cibsecurity/58453", "content": "\u203c CVE-2022-43929 \u203c\n\nIBM Db2 for Linux, UNIX and Windows 11.1 and 11.5 may be vulnerable to a Denial of Service when executing a specially crafted 'Load' command. IBM X-Force ID: 241676.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-02-17T20:13:25.000000Z"}, {"uuid": "2b17aa6e-7d3a-41ff-805a-1723bafe00fb", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2022-43923", "type": "seen", "source": "https://t.me/cibsecurity/58880", "content": "\u203c CVE-2022-43923 \u203c\n\nIBM Maximo Application Suite 8.8.0 and 8.9.0 stores potentially sensitive information that could be read by a local user. IBM X-Force ID: 241584.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-02-24T18:19:27.000000Z"}, {"uuid": "a68397c3-0db7-496b-af8b-3e064486bfa2", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2022-43920", "type": "seen", "source": "https://t.me/cibsecurity/55909", "content": "\u203c CVE-2022-43920 \u203c\n\nIBM Sterling B2B Integrator Standard Edition 6.0.0.0 through 6.1.2.1 could allow an authenticated user to gain privileges in a different group due to an access control vulnerability in the Sftp server adapter. IBM X-Force ID: 241362.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-01-04T20:18:19.000000Z"}, {"uuid": "2e3df7c7-8397-4862-9ffe-86d0773eb64b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2022-43928", "type": "seen", "source": "https://t.me/cibsecurity/61691", "content": "\u203c CVE-2022-43928 \u203c\n\nThe IBM Toolbox for Java (Db2 Mirror for i 7.4 and 7.5) could allow a user to obtain sensitive information, caused by utilizing a Java string for processing. Since Java strings are immutable, their contents exist in memory until garbage collected. This means sensitive data could be visible in memory over an indefinite amount of time. IBM has addressed this issue by reducing the amount of time the sensitive data is visible in memory. IBM X-Force ID: 241675.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-04-07T18:29:21.000000Z"}, {"uuid": "42e583e9-6bcc-4010-a2db-9ae1d98ea510", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2022-43927", "type": "seen", "source": "https://t.me/cibsecurity/58446", "content": "\u203c CVE-2022-43927 \u203c\n\nIBM Db2 for Linux, UNIX and Windows 10.5, 11.1, and 11.5 is vulnerable to information Disclosure due to improper privilege management when a specially crafted table access is used. IBM X-Force ID: 241671.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-02-17T20:13:18.000000Z"}]}