{"vulnerability": "cve-2022-45608", "sightings": [{"uuid": "a0e79a17-9a2b-4d6b-893b-cf857702130b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2022-45608", "type": "seen", "source": "https://t.me/cibsecurity/59241", "content": "\u203c CVE-2022-45608 \u203c\n\nAn issue was discovered in ThingsBoard 3.4.1, allows low privileged attackers (CUSTOMER_USER) to gain escalated privileges (vertically) and become an Administrator (TENANT_ADMIN) or (SYS_ADMIN) on the web application. It is important to note that in order to accomplish this, the attacker must know the corresponding API's parameter (authority : value).\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-03-01T18:33:42.000000Z"}, {"uuid": "34b242c5-fe5c-465e-bbaf-bcc73b6af596", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2022-45608", "type": "seen", "source": "Telegram/KPnyYtbzLSpBzOGn93pCds0piSrmPqqs-sDuaP5ZdqJ5g4y5", "content": "", "creation_timestamp": "2025-03-08T04:35:52.000000Z"}]}