{"vulnerability": "cve-2023-2257", "sightings": [{"uuid": "c9fab332-2e0f-40a3-bbeb-bd970aa6c3e0", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-22574", "type": "seen", "source": "https://t.me/cibsecurity/57292", "content": "\u203c CVE-2023-22574 \u203c\n\nDell PowerScale OneFS 9.0.0.x - 9.4.0.x contain an insertion of sensitive information into log file vulnerability in platform API of IPMI module. A low-privileged user with permission to read logs on the cluster could potentially exploit this vulnerability, leading to Information disclosure and denial of service.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-02-01T16:14:16.000000Z"}, {"uuid": "0a9538e1-6c00-485a-93e1-222658160452", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-22577", "type": "seen", "source": "https://t.me/DarkWebInformer_CVEAlerts/7139", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2023-22577\n\ud83d\udd25 CVSS Score: 9.8 (cvssV3_1, Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H)\n\ud83d\udd39 Description: Within White Rabbit Switch it's possible as an unauthenticated user to retrieve sensitive information such as password hashes and the SNMP community strings.\n\ud83d\udccf Published: 2023-04-24T08:14:53.265Z\n\ud83d\udccf Modified: 2025-03-11T13:07:30.509Z\n\ud83d\udd17 References:\n1. https://csirt.divd.nl/CVE-2023-22577/\n2. https://csirt.divd.nl/DIVD-2022-00068/", "creation_timestamp": "2025-03-11T13:39:59.000000Z"}, {"uuid": "13257bfc-4a4b-44d8-b317-4024fb554c32", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-22573", "type": "seen", "source": "https://t.me/DarkWebInformer_CVEAlerts/8919", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2023-22573\n\ud83d\udd25 CVSS Score: 7.9 (cvssV3_1, Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:L/A:L)\n\ud83d\udd39 Description: Dell PowerScale OneFS 9.0.0.x-9.4.0.x contain an insertion of sensitive information into log file vulnerability in cloudpool. A low privileged local attacker could potentially exploit this vulnerability, leading to sensitive information disclosure.\n\n\n\ud83d\udccf Published: 2023-02-01T13:10:52.633Z\n\ud83d\udccf Modified: 2025-03-26T18:03:40.929Z\n\ud83d\udd17 References:\n1. https://www.dell.com/support/kbdoc/en-us/000207863/dell-powerscale-onefs-security-updates-for-multiple-security", "creation_timestamp": "2025-03-26T18:25:28.000000Z"}, {"uuid": "5dfcdcd3-3989-47d5-aa4b-b488430ed390", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-22575", "type": "seen", "source": "https://t.me/DarkWebInformer_CVEAlerts/8920", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2023-22575\n\ud83d\udd25 CVSS Score: 8.7 (cvssV3_1, Vector: CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:N)\n\ud83d\udd39 Description: Dell PowerScale OneFS 9.0.0.x - 9.4.0.x contain an insertion of sensitive information into log file vulnerability in celog. A low privileges user could potentially exploit this vulnerability, leading to information disclosure and escalation of privileges.\n\n\n\ud83d\udccf Published: 2023-02-01T13:16:56.674Z\n\ud83d\udccf Modified: 2025-03-26T18:03:21.307Z\n\ud83d\udd17 References:\n1. https://www.dell.com/support/kbdoc/en-us/000207863/dell-powerscale-onefs-security-updates-for-multiple-security", "creation_timestamp": "2025-03-26T18:25:29.000000Z"}, {"uuid": "b7b7cd2f-1be1-4c15-9bb3-1acf167ffacc", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-2257", "type": "seen", "source": "Telegram/lhPCP0aXGuYE0oHPl-weHwf1K-9CuhT4PqHw9Da9QI1Gdwl-", "content": "", "creation_timestamp": "2025-02-06T02:41:38.000000Z"}, {"uuid": "a3afb9b1-ca7a-491e-bde5-dca2baa43d5f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-22579", "type": "seen", "source": "https://t.me/cibsecurity/58332", "content": "\u203c CVE-2023-22579 \u203c\n\nDue to improper parameter filtering in the sequalize js library, can a attacker peform injection.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-02-16T18:12:40.000000Z"}, {"uuid": "fdef02ea-fd08-4ed6-9481-b62593e49de7", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-22578", "type": "seen", "source": "https://t.me/cibsecurity/58327", "content": "\u203c CVE-2023-22578 \u203c\n\nDue to improper artibute filtering in the sequalize js library, can a attacker peform SQL injections.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-02-16T18:12:35.000000Z"}, {"uuid": "a25265d8-b5a3-47f1-9269-3999524ca050", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-22576", "type": "seen", "source": "https://t.me/cvedetector/3765", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2023-22576 - Dell Repository Manager Local Privilege Escalation Vulnerability\", \n  \"Content\": \"CVE ID : CVE-2023-22576 \nPublished : Aug. 21, 2024, 10:15 a.m. | 46\u00a0minutes ago \nDescription : Dell Repository Manager version 3.4.2 and earlier, contain a Local Privilege Escalation Vulnerability in Installation module. A local low privileged attacker may potentially exploit this vulnerability leading to the execution of arbitrary executable on the operating system with high privileges using the existing vulnerability in operating system. Exploitation may lead to unavailability of the service. \nSeverity: 7.0 | HIGH \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"21 Aug 2024\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2024-08-21T13:13:41.000000Z"}, {"uuid": "ca60d609-d03c-4a57-bad0-7126131e8328", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-2257", "type": "seen", "source": "https://t.me/cibsecurity/62742", "content": "\u203c CVE-2023-2257 \u203c\n\nAuthentication Bypass in Hub Business integration in Devolutions Workspace Desktop 2023.1.1.3 and earlier on Windows and macOS allows an attacker with access to the user interface to unlock a Hub Business space without being prompted to enter the password via an unimplemented \"Force Login\" security feature.This vulnerability occurs only if \"Force Login\" feature is enabled on the Hub Business instance and that an attacker has access to a locked Workspace desktop application configured with a Hub Business space.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-04-24T22:19:31.000000Z"}, {"uuid": "6b8064aa-9c41-4014-9283-b22d140ac3ec", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-22572", "type": "seen", "source": "https://t.me/cibsecurity/57300", "content": "\u203c CVE-2023-22572 \u203c\n\nDell PowerScale OneFS 9.1.0.x-9.4.0.x contain an insertion of sensitive information into log file vulnerability in change password api. A low privilege local attacker could potentially exploit this vulnerability, leading to system takeover.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-02-01T16:14:27.000000Z"}, {"uuid": "7241eb05-61d8-4dc0-a779-6955a21b710c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-22573", "type": "seen", "source": "https://t.me/cibsecurity/57287", "content": "\u203c CVE-2023-22573 \u203c\n\nDell PowerScale OneFS 9.0.0.x-9.4.0.x contain an insertion of sensitive information into log file vulnerability in cloudpool. A low privileged local attacker could potentially exploit this vulnerability, leading to sensitive information disclosure.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-02-01T16:14:09.000000Z"}, {"uuid": "c7d78bc1-ddfe-4939-beb1-cc5c9ba5f3dc", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-22575", "type": "seen", "source": "https://t.me/cibsecurity/57285", "content": "\u203c CVE-2023-22575 \u203c\n\nDell PowerScale OneFS 9.0.0.x - 9.4.0.x contain an insertion of sensitive information into log file vulnerability in celog. A low privileges user could potentially exploit this vulnerability, leading to information disclosure and escalation of privileges.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-02-01T16:14:07.000000Z"}]}