{"vulnerability": "cve-2023-2789", "sightings": [{"uuid": "2993dd98-4290-4304-b841-b3d161c36d80", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-27898", "type": "published-proof-of-concept", "source": "https://t.me/cKure/10774", "content": "\u25a0\u25a0\u25a0\u25a0\u25a1 CVE-2023-27898 and CVE-2023-27905: CorePlague: Severe Vulnerabilities in Jenkins Server Lead to RCE.\n\nhttps://blog.aquasec.com/jenkins-server-vulnerabilities", "creation_timestamp": "2023-03-09T13:39:22.000000Z"}, {"uuid": "c53abfe8-da8d-4490-a9d8-b7d5e4c7fd29", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-27894", "type": "seen", "source": "https://t.me/DarkWebInformer_CVEAlerts/5742", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2023-27894\n\ud83d\udd25 CVSS Score: 5 (cvssV3_1, Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:N/A:N)\n\ud83d\udd39 Description: SAP BusinessObjects Business Intelligence Platform (Web Services) - versions 420, 430, allows an attacker to inject arbitrary values as CMS parameters to perform lookups on the internal network which is otherwise not accessible externally. On successful exploitation, attacker can scan internal network to determine internal infrastructure for further attacks like remote file inclusion, retrieve server files, bypass firewall and force the vulnerable server to execute malicious requests, resulting in sensitive information disclosure. This causes limited impact on confidentiality of data.\n\n\n\ud83d\udccf Published: 2023-03-14T05:03:25.121Z\n\ud83d\udccf Modified: 2025-02-27T18:03:47.806Z\n\ud83d\udd17 References:\n1. https://launchpad.support.sap.com/#/notes/3287120\n2. https://www.sap.com/documents/2022/02/fa865ea4-167e-0010-bca6-c68f7e60039b.html", "creation_timestamp": "2025-02-27T18:27:03.000000Z"}, {"uuid": "7b4b86dd-9a07-47e8-9b01-e2fe76e24a80", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-27891", "type": "seen", "source": "https://t.me/DarkWebInformer_CVEAlerts/6687", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2023-27891\n\ud83d\udd25 CVSS Score: N/A\n\ud83d\udd39 Description: rami.io pretix before 4.17.1 allows OAuth application authorization from a logged-out session. The fixed versions are 4.15.1, 4.16.1, and 4.17.1.\n\ud83d\udccf Published: 2023-03-06T00:00:00.000Z\n\ud83d\udccf Modified: 2025-03-06T15:17:33.590Z\n\ud83d\udd17 References:\n1. https://pretix.eu/about/en/blog/20230306-release-4171/", "creation_timestamp": "2025-03-06T16:07:06.000000Z"}, {"uuid": "3c01e3fc-7b6c-41d7-bfc1-944c073fa95f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-27898", "type": "published-proof-of-concept", "source": "https://t.me/ptswarm/163", "content": "CorePlague: Severe Vulnerabilities in Jenkins Server Lead to RCE\n\n\ud83d\udc64 by Ilay Goldman and Yair Kadkoda\n\nAqua Nautilus researchers have discovered a chain of vulnerabilities, dubbed CorePlague, in the widely used Jenkins Server and Update Center (CVE-2023-27898, CVE-2023-27905). Exploiting these vulnerabilities could allow an unauthenticated attacker to execute arbitrary code on the victim's Jenkins server, potentially leading to a complete compromise of the Jenkins server.\n\n\ud83d\udcdd Contents:\n\u25cf The Research in a Nutshell\n\u25cf Frequently Asked Questions\n\u25cf Some Basic Jenkins Definitions\n\u25cf Improper Sanitation: The Jenkins Update Center\n\u25cf CVE-2023-27905\n\u25cf CVE-2023-27898\n\u25cf The Tiering Mechanism\n\u25cf From XSS to RCE\n\u25cf Bringing the malicious plugin to the front\n\u25cf Attack steps summary\n\u25cf Disclosure timeline\n\u25cf In Summary\n\nhttps://blog.aquasec.com/jenkins-server-vulnerabilities", "creation_timestamp": "2023-03-09T06:16:33.000000Z"}, {"uuid": "c174b229-3952-47ce-a076-0da02f85c672", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-27898", "type": "seen", "source": "https://t.me/arpsyndicate/1727", "content": "#ExploitObserverAlert\n\nCVE-2023-27898\n\nDESCRIPTION: Exploit Observer has 6 entries related to CVE-2023-27898. Jenkins 2.270 through 2.393 (both inclusive), LTS 2.277.1 through 2.375.3 (both inclusive) does not escape the Jenkins version a plugin depends on when rendering the error message stating its incompatibility with the current version of Jenkins, resulting in a stored cross-site scripting (XSS) vulnerability exploitable by attackers able to provide plugins to the configured update sites and have this message shown by Jenkins instances.\n\nFIRST-EPSS: 0.000910000\nNVD-IS: 6.0\nNVD-ES: 2.8", "creation_timestamp": "2023-12-11T12:03:28.000000Z"}, {"uuid": "b43a2fa6-0c18-431c-a172-c166aa63f2b0", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-27897", "type": "seen", "source": "https://t.me/cibsecurity/61823", "content": "\u203c CVE-2023-27897 \u203c\n\nIn SAP CRM - versions 700, 701, 702, 712, 713, an attacker who is authenticated with a non-administrative role and a common remote execution authorization can use a vulnerable interface to execute an application function to perform actions which they would not normally be permitted to perform. Depending on the function executed, the attack can can have limited impact on confidentiality and integrity of non-critical user or application data and application availability.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-04-11T07:23:12.000000Z"}, {"uuid": "edd7c69a-eea4-4e37-affa-4022dc64e03e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-27891", "type": "seen", "source": "https://t.me/cibsecurity/59542", "content": "\u203c CVE-2023-27891 \u203c\n\nrami.io pretix before 4.17.1 allows OAuth application authorization from a logged-out session. The fixed versions are 4.15.1, 4.16.1, and 4.17.1.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-03-07T02:13:35.000000Z"}, {"uuid": "f2782673-a19d-4aa8-a7c1-51cc8f0436c9", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-27894", "type": "seen", "source": "https://t.me/cibsecurity/59947", "content": "\u203c CVE-2023-27894 \u203c\n\nSAP BusinessObjects Business Intelligence Platform (Web Services) - versions 420, 430, allows an attacker to inject arbitrary values as CMS parameters to perform lookups on the internal network which is otherwise not accessible externally. On successful exploitation, attacker can scan internal network to determine internal infrastructure for further attacks like remote file inclusion, retrieve server files, bypass firewall and force the vulnerable server to execute malicious requests, resulting in sensitive information disclosure. This causes limited impact on confidentiality of data.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-03-14T12:54:03.000000Z"}, {"uuid": "73f4465e-3ff9-4359-9061-588a6856c0e6", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-27898", "type": "seen", "source": "https://t.me/cibsecurity/59836", "content": "\u203c CVE-2023-27898 \u203c\n\nJenkins 2.270 through 2.393 (both inclusive), LTS 2.277.1 through 2.375.3 (both inclusive) does not escape the Jenkins version a plugin depends on when rendering the error message stating its incompatibility with the current version of Jenkins, resulting in a stored cross-site scripting (XSS) vulnerability exploitable by attackers able to provide plugins to the configured update sites and have this message shown by Jenkins instances.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-03-11T00:21:30.000000Z"}, {"uuid": "a36d90d2-4b2c-4b86-be3f-c214521a6917", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-27899", "type": "seen", "source": "https://t.me/cibsecurity/59850", "content": "\u203c CVE-2023-27899 \u203c\n\nJenkins 2.393 and earlier, LTS 2.375.3 and earlier creates a temporary file in the default temporary directory with the default permissions for newly created files when uploading a plugin for installation, potentially allowing attackers with access to the Jenkins controller file system to read and write the file before it is used, potentially resulting in arbitrary code execution.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-03-11T00:27:27.000000Z"}, {"uuid": "8aa27ab9-ee63-4903-a2b5-205e03a43fd0", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-27896", "type": "seen", "source": "https://t.me/DarkWebInformer_CVEAlerts/5741", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2023-27896\n\ud83d\udd25 CVSS Score: 6.5 (cvssV3_1, Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H)\n\ud83d\udd39 Description: In SAP BusinessObjects Business Intelligence Platform - version 420, 430, an attacker can control a malicious BOE server, forcing the application server to connect to its own CMS, leading to a high impact on availability.\n\n\n\ud83d\udccf Published: 2023-03-14T05:02:29.225Z\n\ud83d\udccf Modified: 2025-02-27T18:04:36.525Z\n\ud83d\udd17 References:\n1. https://launchpad.support.sap.com/#/notes/3287120\n2. https://www.sap.com/documents/2022/02/fa865ea4-167e-0010-bca6-c68f7e60039b.html", "creation_timestamp": "2025-02-27T18:27:02.000000Z"}, {"uuid": "735e04c9-99c3-420f-8547-8c6c9b0df71a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-27898", "type": "seen", "source": "https://t.me/kasperskyb2b/511", "content": "\ud83d\udde3\u0414\u0430\u0439\u0434\u0436\u0435\u0441\u0442 \u043d\u043e\u0432\u043e\u0441\u0442\u0435\u0439 \u043d\u0435\u0434\u0435\u043b\u0438:\n\n\u0417\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a\u0438 \u043f\u0440\u043e\u0434\u043e\u043b\u0436\u0430\u044e\u0442 \u0430\u043a\u0442\u0438\u0432\u043d\u043e \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u0442\u044c OneNote \u0434\u043b\u044f \u0434\u043e\u0441\u0442\u0430\u0432\u043a\u0438 \u0432\u0440\u0435\u0434\u043e\u043d\u043e\u0441\u043d\u044b\u0445 \u043d\u0430\u0433\u0440\u0443\u0437\u043e\u043a, \u043f\u043e\u044d\u0442\u043e\u043c\u0443 Microsoft \u043f\u043b\u0430\u043d\u0438\u0440\u0443\u0435\u0442 \u0432\u044b\u043f\u0443\u0441\u0442\u0438\u0442\u044c \u0443\u0441\u0438\u043b\u0435\u043d\u043d\u0443\u044e \u0437\u0430\u0449\u0438\u0442\u0443 \u043e\u0442 \u043d\u0435\u0436\u0435\u043b\u0430\u0442\u0435\u043b\u044c\u043d\u044b\u0445 OneNote-\u0432\u043b\u043e\u0436\u0435\u043d\u0438\u0439 \u0432 \u043a\u043e\u043d\u0446\u0435 \u0430\u043f\u0440\u0435\u043b\u044f. \u0415\u0441\u043b\u0438 \u043d\u0435 \u0436\u0435\u043b\u0430\u0435\u0442\u0435 \u0436\u0434\u0430\u0442\u044c \u043c\u0438\u043b\u043e\u0441\u0442\u0435\u0439 \u043e\u0442 \u043f\u0440\u0438\u0440\u043e\u0434\u044b \u0420\u0435\u0434\u043c\u043e\u043d\u0434\u0430, \u043e\u0442\u043a\u043b\u044e\u0447\u0438\u0442\u044c \u0432\u043b\u043e\u0436\u0435\u043d\u0438\u044f OneNote \u0446\u0435\u043b\u0438\u043a\u043e\u043c \u0438\u043b\u0438 \u043f\u043e \u043a\u043e\u043d\u043a\u0440\u0435\u0442\u043d\u044b\u043c \u0440\u0430\u0441\u0448\u0438\u0440\u0435\u043d\u0438\u044f\u043c \u043c\u043e\u0436\u043d\u043e \u0438\u0437 \u0433\u0440\u0443\u043f\u043f\u043e\u0432\u044b\u0445 \u043f\u043e\u043b\u0438\u0442\u0438\u043a Microsoft 365.\n\n\u2705 Github \u0432\u0432\u043e\u0434\u0438\u0442 c \u0441\u0435\u0433\u043e\u0434\u043d\u044f\u0448\u043d\u0435\u0433\u043e \u0434\u043d\u044f \u043e\u0431\u044f\u0437\u0430\u0442\u0435\u043b\u044c\u043d\u0443\u044e 2FA \u0434\u043b\u044f \u0430\u043a\u0442\u0438\u0432\u043d\u044b\u0445 \u0440\u0430\u0437\u0440\u0430\u0431\u043e\u0442\u0447\u0438\u043a\u043e\u0432. \u041d\u0430\u043f\u043e\u043c\u043d\u0438\u043c \u0442\u0430\u043a\u0436\u0435, \u0447\u0442\u043e \u0441 1 \u043c\u0430\u0440\u0442\u0430 \u0434\u043b\u044f \u0432\u0441\u0435\u0445 \u043f\u0443\u0431\u043b\u0438\u0447\u043d\u044b\u0445 \u0440\u0435\u043f\u043e\u0437\u0438\u0442\u043e\u0440\u0438\u0435\u0432 \u0434\u043e\u0441\u0442\u0443\u043f\u0435\u043d \u0441\u0435\u0440\u0432\u0438\u0441 \u043f\u043e \u0441\u043a\u0430\u043d\u0438\u0440\u043e\u0432\u0430\u043d\u0438\u044e \u043a\u043e\u0434\u0430 \u043d\u0430 \u0441\u043e\u0445\u0440\u0430\u043d\u0451\u043d\u043d\u044b\u0435 \u0441\u0435\u043a\u0440\u0435\u0442\u044b.\n\n\u041a\u0440\u0438\u0442\u0438\u0447\u0435\u0441\u043a\u0438\u0435 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 \u0432 Jenkins (CVE-2023-27898, 27899, 27905) \u043f\u043e\u0437\u0432\u043e\u043b\u044f\u044e\u0442 \u0432\u044b\u043f\u043e\u043b\u043d\u0438\u0442\u044c \u043d\u0430 \u0441\u0435\u0440\u0432\u0435\u0440\u0435 \u043f\u0440\u043e\u0438\u0437\u0432\u043e\u043b\u044c\u043d\u044b\u0439 \u043a\u043e\u0434 \u0431\u0435\u0437 \u0430\u0443\u0442\u0435\u043d\u0442\u0438\u0444\u0438\u043a\u0430\u0446\u0438\u0438.  \u041d\u0435\u043e\u0431\u0445\u043e\u0434\u0438\u043c\u043e \u0441\u0440\u043e\u0447\u043d\u043e \u043e\u0431\u043d\u043e\u0432\u0438\u0442\u044c Jenkins / Jenkins LTS, \u0430 \u0442\u0430\u043a\u0436\u0435 update-center2.\n\n\u0421\u0440\u043e\u0447\u043d\u044b\u0439 \u043f\u0430\u0442\u0447 \u0434\u043b\u044f FortiOS \u0438 FortiProxy \u0443\u0441\u0442\u0440\u0430\u043d\u044f\u0435\u0442 \u043e\u0448\u0438\u0431\u043a\u0438 buffer underflow, \u0432\u044b\u0437\u044b\u0432\u0430\u044e\u0449\u0438\u0435 \u043e\u0442\u043a\u0430\u0437 \u0432 \u043e\u0431\u0441\u043b\u0443\u0436\u0438\u0432\u0430\u043d\u0438\u0438 \u0438\u043b\u0438 \u0432\u044b\u043f\u043e\u043b\u043d\u0435\u043d\u0438\u0435 \u043f\u0440\u043e\u0438\u0437\u0432\u043e\u043b\u044c\u043d\u043e\u0433\u043e \u043a\u043e\u0434\u0430 \u043d\u0430 \u0443\u0441\u0442\u0440\u043e\u0439\u0441\u0442\u0432\u0430\u0445 FortiGate \u0438 FortiWiFi (CVE-2023-25610, CVSS 9.3).\n\n\u0421\u0442\u0430\u0440\u044b\u0435, \u0437\u0430\u043f\u0430\u0442\u0447\u0435\u043d\u043d\u044b\u0435 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 VMWare Cloud Foundation (CVE-2021-39144, CVSS 9.8) \u0430\u043a\u0442\u0438\u0432\u043d\u043e \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0438\u0440\u0443\u044e\u0442\u0441\u044f \u0437\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a\u0430\u043c\u0438. \u0421\u0442\u043e\u0438\u0442 \u043f\u0440\u043e\u0432\u0435\u0440\u0438\u0442\u044c, \u0447\u0442\u043e \u043f\u0430\u0442\u0447\u0438 \u0431\u044b\u043b\u0438 \u043f\u0440\u0438\u043c\u0435\u043d\u0435\u043d\u044b. \n\n\u041f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u0442\u0435\u043b\u044f\u043c \u0432\u0441\u0435\u0445 \u0432\u0435\u0440\u0441\u0438\u0439  Veeam Backup &amp; Replication \u0441\u043b\u0435\u0434\u0443\u0435\u0442 \u043e\u0431\u043d\u043e\u0432\u0438\u0442\u044c\u0441\u044f, \u0447\u0442\u043e\u0431\u044b \u0443\u0441\u0442\u0440\u0430\u043d\u0438\u0442\u044c \u043e\u0448\u0438\u0431\u043a\u0443, \u0432 \u0440\u0435\u0437\u0443\u043b\u044c\u0442\u0430\u0442\u0435 \u043a\u043e\u0442\u043e\u0440\u043e\u0439 \u0430\u0442\u0430\u043a\u0443\u044e\u0449\u0438\u0439 \u0431\u0435\u0437 \u0430\u0443\u0442\u0435\u043d\u0442\u0438\u0444\u0438\u043a\u0430\u0446\u0438\u0438 \u043c\u043e\u0436\u0435\u0442 \u043f\u043e\u043b\u0443\u0447\u0438\u0442\u044c \u0434\u043e\u0441\u0442\u0443\u043f \u043a \u0443\u0447\u0435\u0442\u043d\u044b\u043c \u0434\u0430\u043d\u043d\u044b\u043c \u0438, \u043a\u0430\u043a \u0440\u0435\u0437\u0443\u043b\u044c\u0442\u0430\u0442 \u2014 \u043a \u0441\u0435\u0440\u0432\u0435\u0440\u0430\u043c \u0440\u0435\u0437\u0435\u0440\u0432\u043d\u043e\u0433\u043e \u043a\u043e\u043f\u0438\u0440\u043e\u0432\u0430\u043d\u0438\u044f (CVE-2023-27532, CVSS 7.5). \u0412 \u043a\u0430\u0447\u0435\u0441\u0442\u0432\u0435 \u0432\u0440\u0435\u043c\u0435\u043d\u043d\u043e\u0439 \u0437\u0430\u0449\u0438\u0442\u043d\u043e\u0439 \u043c\u0435\u0440\u044b \u0442\u0430\u043a\u0436\u0435 \u043c\u043e\u0436\u043d\u043e \u043e\u0433\u0440\u0430\u043d\u0438\u0447\u0438\u0442\u044c \u0434\u043e\u0441\u0442\u0443\u043f \u043a TCP \u043f\u043e\u0440\u0442\u0443 9401 \u043d\u0430 backup-\u0441\u0435\u0440\u0432\u0435\u0440\u0435.\n\n\u27a1\ufe0f \u041a\u043e\u043c\u0430\u043d\u0434\u0430 Kaspersky ICS \u0432\u044b\u043f\u0443\u0441\u0442\u0438\u043b\u0430 \u043e\u0431\u0437\u043e\u0440 \u043b\u0430\u043d\u0434\u0448\u0430\u0444\u0442\u0430 \u0443\u0433\u0440\u043e\u0437 \u0434\u043b\u044f \u0441\u0438\u0441\u0442\u0435\u043c \u043f\u0440\u043e\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u043e\u0439 \u0430\u0432\u0442\u043e\u043c\u0430\u0442\u0438\u0437\u0430\u0446\u0438\u0438 \u2014 \u0432 \u0420\u0424 \u0447\u0430\u0449\u0435 \u0441\u0442\u0430\u043b\u0438 \u043f\u043e\u0434\u0432\u0435\u0440\u0433\u0430\u0442\u044c\u0441\u044f \u0430\u0442\u0430\u043a\u0430\u043c \u043a\u043e\u043c\u043f\u0430\u043d\u0438\u0438 \u0438\u0437 \u044d\u043d\u0435\u0440\u0433\u0435\u0442\u0438\u043a\u0438, \u0438\u043d\u0436\u0438\u043d\u0438\u0440\u0438\u043d\u0433\u0430 \u0438 \u0430\u0432\u0442\u043e\u043c\u043e\u0431\u0438\u043b\u0435\u0441\u0442\u0440\u043e\u0435\u043d\u0438\u044f.\n\n#\u0434\u0430\u0439\u0434\u0436\u0435\u0441\u0442", "creation_timestamp": "2023-03-13T09:03:22.000000Z"}, {"uuid": "14bb9af1-d691-4b00-a2e8-2644438f4f10", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-2789", "type": "seen", "source": "https://t.me/cibsecurity/64401", "content": "\u203c CVE-2023-2789 \u203c\n\nA vulnerability was found in GNU cflow 1.7. It has been rated as problematic. This issue affects the function func_body/parse_variable_declaration of the file parser.c. The manipulation leads to denial of service. The exploit has been disclosed to the public and may be used. The identifier VDB-229373 was assigned to this vulnerability. NOTE: The vendor was contacted early about this disclosure but did not respond in any way.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-05-18T16:32:07.000000Z"}, {"uuid": "84063aab-10e4-4562-91f5-50582e88c965", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-27890", "type": "seen", "source": "https://t.me/cibsecurity/62100", "content": "\u203c CVE-2023-27890 \u203c\n\n** UNSUPPORTED WHEN ASSIGNED ** The Export User plugin through 2.0 for MyBB allows XSS during the process of an admin generating DSGVO data for a user, via the Custom User Title, Location, or Bio field. NOTE: This vulnerability only affects products that are no longer supported by the maintainer.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-04-14T07:30:32.000000Z"}, {"uuid": "5f357be9-3d90-41ff-8c87-2df2e3f311f9", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-27898", "type": "seen", "source": "https://t.me/DarkWebInformer_CVEAlerts/5966", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2023-27898\n\ud83d\udd25 CVSS Score: N/A\n\ud83d\udd39 Description: Jenkins 2.270 through 2.393 (both inclusive), LTS 2.277.1 through 2.375.3 (both inclusive) does not escape the Jenkins version a plugin depends on when rendering the error message stating its incompatibility with the current version of Jenkins, resulting in a stored cross-site scripting (XSS) vulnerability exploitable by attackers able to provide plugins to the configured update sites and have this message shown by Jenkins instances.\n\ud83d\udccf Published: 2023-03-08T17:14:48.437Z\n\ud83d\udccf Modified: 2025-02-28T18:34:50.742Z\n\ud83d\udd17 References:\n1. https://www.jenkins.io/security/advisory/2023-03-08/#SECURITY-3037", "creation_timestamp": "2025-02-28T19:27:14.000000Z"}, {"uuid": "27f2dc82-ec22-42a6-ac38-37845198235d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-27899", "type": "seen", "source": "https://t.me/DarkWebInformer_CVEAlerts/5965", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2023-27899\n\ud83d\udd25 CVSS Score: N/A\n\ud83d\udd39 Description: Jenkins 2.393 and earlier, LTS 2.375.3 and earlier creates a temporary file in the default temporary directory with the default permissions for newly created files when uploading a plugin for installation, potentially allowing attackers with access to the Jenkins controller file system to read and write the file before it is used, potentially resulting in arbitrary code execution.\n\ud83d\udccf Published: 2023-03-08T17:14:49.111Z\n\ud83d\udccf Modified: 2025-02-28T18:36:45.296Z\n\ud83d\udd17 References:\n1. https://www.jenkins.io/security/advisory/2023-03-08/#SECURITY-2823", "creation_timestamp": "2025-02-28T19:27:12.000000Z"}, {"uuid": "0732dc4f-7a02-4e24-ba0c-771e3033a4eb", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-27899", "type": "seen", "source": "Telegram/KGT8gUaSIIoiIPNE4U8Ou3mFk7N1ekXTEXf7ZAnV76e0hK9g", "content": "", "creation_timestamp": "2025-03-02T11:45:39.000000Z"}, {"uuid": "80c70b81-ed7c-4191-aa85-e0e87fe10af2", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-27898", "type": "seen", "source": "Telegram/aJLashonnJzjd9qHbhAQzxown5igxH6OgiLOZc4t6edTbHLJ", "content": "", "creation_timestamp": "2025-03-02T11:45:39.000000Z"}, {"uuid": "3a362a05-b2ec-405b-aae5-693aa26b631c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-27898", "type": "seen", "source": "https://t.me/KomunitiSiber/34", "content": "Jenkins Security Alert: New Security Flaws Could Allow Code Execution Attacks\nhttps://thehackernews.com/2023/03/jenkins-security-alert-new-security.html\n\nA pair of severe security vulnerabilities have been disclosed in the Jenkins open source automation server that could lead to code execution on targeted systems.\nThe flaws, tracked as\u00a0CVE-2023-27898\u00a0and\u00a0CVE-2023-27905, impact the Jenkins server and Update Center, and have been collectively christened\u00a0CorePlague\u00a0by cloud security firm Aqua. All versions of Jenkins versions prior to 2.319.2 are", "creation_timestamp": "2023-03-09T04:59:49.000000Z"}, {"uuid": "6286c7da-d2ee-4484-ab22-b086152f5e82", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-27898", "type": "seen", "source": "https://t.me/true_secator/4155", "content": "\u0412 \u043f\u043e\u043f\u0443\u043b\u044f\u0440\u043d\u044b\u0439 \u0441\u0435\u0440\u0432\u0435\u0440\u0435 \u0430\u0432\u0442\u043e\u043c\u0430\u0442\u0438\u0437\u0430\u0446\u0438\u0438 \u0441 \u043e\u0442\u043a\u0440\u044b\u0442\u044b\u043c \u043a\u043e\u0434\u043e\u043c Jenkins \u043e\u0431\u043d\u0430\u0440\u0443\u0436\u0438\u043b\u0438 \u043f\u0430\u0440\u0443 \u0441\u0435\u0440\u044c\u0435\u0437\u043d\u044b\u0445 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0435\u0439, \u043a\u043e\u0442\u043e\u0440\u044b\u0435 \u043c\u043e\u0433\u0443\u0442 \u043f\u0440\u0438\u0432\u0435\u0441\u0442\u0438 \u043a \u0432\u044b\u043f\u043e\u043b\u043d\u0435\u043d\u0438\u044e \u043a\u043e\u0434\u0430 \u0432 \u0446\u0435\u043b\u0435\u0432\u044b\u0445 \u0441\u0438\u0441\u0442\u0435\u043c\u0430\u0445.\n\n\u041d\u0435\u0434\u043e\u0441\u0442\u0430\u0442\u043a\u0438 \u043e\u0442\u0441\u043b\u0435\u0436\u0438\u0432\u0430\u044e\u0442\u0441\u044f \u043a\u0430\u043a CVE-2023-27898 \u0438 CVE-2023-27905 \u0438 \u0432\u043b\u0438\u044f\u044e\u0442 \u043d\u0430 \u0441\u0435\u0440\u0432\u0435\u0440 Jenkins \u0438 \u0426\u0435\u043d\u0442\u0440 \u043e\u0431\u043d\u043e\u0432\u043b\u0435\u043d\u0438\u0439.\n\n\u0421\u043f\u0435\u0446\u0438\u0430\u043b\u0438\u0441\u0442\u044b Aqua, \u0437\u0430\u043d\u0438\u043c\u0430\u044e\u0449\u0435\u0439\u0441\u044f \u043e\u0431\u043b\u0430\u0447\u043d\u043e\u0439 \u0431\u0435\u0437\u043e\u043f\u0430\u0441\u043d\u043e\u0441\u0442\u044c\u044e, \u0434\u0430\u043b\u0438 \u043e\u0431\u0449\u0435\u0435 \u043d\u0430\u0437\u0432\u0430\u043d\u0438\u0435 \u043d\u0435\u0434\u043e\u0441\u0442\u0430\u0442\u043a\u0430\u043c CorePlague. \u0423\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044f\u043c \u043f\u043e\u0434\u0432\u0435\u0440\u0436\u0435\u043d\u044b \u0432\u0441\u0435 \u0432\u0435\u0440\u0441\u0438\u0438 Jenkins \u0434\u043e 2.319.2.\n\n\u0418\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u043d\u0438\u0435 \u044d\u0442\u0438\u0445 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0435\u0439 \u043c\u043e\u0436\u0435\u0442 \u043f\u043e\u0437\u0432\u043e\u043b\u0438\u0442\u044c \u043f\u043e\u0442\u0435\u043d\u0446\u0438\u0430\u043b\u044c\u043d\u043e\u043c\u0443 \u0437\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a\u0443, \u043d\u0435 \u043f\u0440\u043e\u0448\u0435\u0434\u0448\u0435\u043c\u0443 \u043f\u0440\u043e\u0432\u0435\u0440\u043a\u0443 \u043f\u043e\u0434\u043b\u0438\u043d\u043d\u043e\u0441\u0442\u0438, \u0432\u044b\u043f\u043e\u043b\u043d\u0438\u0442\u044c \u043f\u0440\u043e\u0438\u0437\u0432\u043e\u043b\u044c\u043d\u044b\u0439 \u043a\u043e\u0434 \u043d\u0430 \u0441\u0435\u0440\u0432\u0435\u0440\u0435 Jenkins \u0436\u0435\u0440\u0442\u0432\u044b, \u0447\u0442\u043e \u0432 \u0441\u0432\u043e\u044e \u043e\u0447\u0435\u0440\u0435\u0434\u044c \u043c\u043e\u0436\u0435\u0442 \u043f\u0440\u0438\u0432\u0435\u0441\u0442\u0438 \u043a \u043f\u043e\u043b\u043d\u043e\u0439 \u043a\u043e\u043c\u043f\u0440\u043e\u043c\u0435\u0442\u0430\u0446\u0438\u0438 \u0441\u0435\u0440\u0432\u0435\u0440\u0430.\n\n\u041d\u0435\u0434\u043e\u0441\u0442\u0430\u0442\u043a\u0438 \u0441\u0432\u044f\u0437\u0430\u043d\u043d\u044b \u0441 \u043e\u0431\u0440\u0430\u0431\u043e\u0442\u043a\u043e\u0439 \u043f\u043e\u0434\u043a\u043b\u044e\u0447\u0430\u0435\u043c\u044b\u0445 \u043c\u043e\u0434\u0443\u043b\u0435\u0439, \u0434\u043e\u0441\u0442\u0443\u043f\u043d\u044b\u0445 \u0432 \u0426\u0435\u043d\u0442\u0440\u0435 \u043e\u0431\u043d\u043e\u0432\u043b\u0435\u043d\u0438\u0439, \u0447\u0442\u043e \u043f\u043e\u0442\u0435\u043d\u0446\u0438\u0430\u043b\u044c\u043d\u043e \u043f\u043e\u0437\u0432\u043e\u043b\u044f\u0435\u0442 \u0441\u0443\u0431\u044a\u0435\u043a\u0442\u0443 \u0443\u0433\u0440\u043e\u0437\u044b \u0437\u0430\u0433\u0440\u0443\u0437\u0438\u0442\u044c \u043f\u043e\u0434\u043a\u043b\u044e\u0447\u0430\u0435\u043c\u044b\u0439 \u043c\u043e\u0434\u0443\u043b\u044c \u0441 \u0432\u0440\u0435\u0434\u043e\u043d\u043e\u0441\u043d\u043e\u0439 \u043f\u043e\u043b\u0435\u0437\u043d\u043e\u0439 \u043d\u0430\u0433\u0440\u0443\u0437\u043a\u043e\u0439 \u0438 \u0438\u043d\u0438\u0446\u0438\u0438\u0440\u043e\u0432\u0430\u0442\u044c \u0430\u0442\u0430\u043a\u0443 \u0441 \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u043d\u0438\u0435\u043c \u043c\u0435\u0436\u0441\u0430\u0439\u0442\u043e\u0432\u044b\u0445 \u0441\u0446\u0435\u043d\u0430\u0440\u0438\u0435\u0432 (XSS).\n\n\u0421\u043f\u0435\u0446\u0438\u0430\u043b\u0438\u0441\u0442\u044b \u043f\u043e\u044f\u0441\u043d\u0438\u043b\u0438, \u0447\u0442\u043e \u043a\u0430\u043a \u0442\u043e\u043b\u044c\u043a\u043e \u0436\u0435\u0440\u0442\u0432\u0430 \u043e\u0442\u043a\u0440\u043e\u0435\u0442 Available Plugin Manager \u043d\u0430 \u0441\u0432\u043e\u0435\u043c \u0441\u0435\u0440\u0432\u0435\u0440\u0435 Jenkins, \u0442\u043e \u0441\u0440\u0430\u0437\u0443 \u0437\u0430\u043f\u0443\u0441\u0442\u0438\u0442\u0441\u044f XSS, \u043f\u043e\u0437\u0432\u043e\u043b\u044f\u044e\u0449\u0438\u0439 \u0437\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a\u0430\u043c \u0432\u044b\u043f\u043e\u043b\u043d\u044f\u0442\u044c \u043f\u0440\u043e\u0438\u0437\u0432\u043e\u043b\u044c\u043d\u044b\u0439 \u043a\u043e\u0434 \u043d\u0430 \u0441\u0435\u0440\u0432\u0435\u0440\u0435, \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u0443\u044f API \u043a\u043e\u043d\u0441\u043e\u043b\u0438 \u0441\u0446\u0435\u043d\u0430\u0440\u0438\u0435\u0432.\n\n\u041f\u0440\u0438\u0447\u0435\u043c \u044d\u0442\u043e \u0441\u043b\u0443\u0447\u0430\u0439 \u0441\u043e\u0445\u0440\u0430\u043d\u0435\u043d\u043d\u043e\u0433\u043e XSS, \u043a\u043e\u0433\u0434\u0430 \u043a\u043e\u0434 JavaScript \u0432\u043d\u0435\u0434\u0440\u044f\u0435\u0442\u0441\u044f \u043d\u0430 \u0441\u0435\u0440\u0432\u0435\u0440, \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u043c\u043e\u0436\u0435\u0442 \u0431\u044b\u0442\u044c \u0430\u043a\u0442\u0438\u0432\u0438\u0440\u043e\u0432\u0430\u043d\u0430 \u0431\u0435\u0437 \u0443\u0441\u0442\u0430\u043d\u043e\u0432\u043a\u0438 \u043f\u043b\u0430\u0433\u0438\u043d\u0430 \u0438\u043b\u0438 \u0434\u0430\u0436\u0435 \u0431\u0435\u0437 \u043f\u043e\u0441\u0435\u0449\u0435\u043d\u0438\u044f URL-\u0430\u0434\u0440\u0435\u0441\u0430 \u043f\u043b\u0430\u0433\u0438\u043d\u0430.\n\n\u0422\u0440\u0435\u0432\u043e\u0436\u043d\u044b\u043c \u043c\u043e\u043c\u0435\u043d\u0442\u043e\u043c \u044f\u0432\u043b\u044f\u0435\u0442\u0441\u044f \u0442\u043e\u0442 \u0444\u0430\u043a\u0442, \u0447\u0442\u043e \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 \u0441\u043f\u043e\u0441\u043e\u0431\u043d\u044b \u043f\u043e\u0432\u043b\u0438\u044f\u0442\u044c \u043d\u0430 \u0441\u043e\u0431\u0441\u0442\u0432\u0435\u043d\u043d\u044b\u0435 \u0441\u0435\u0440\u0432\u0435\u0440\u0430 Jenkins \u0438 \u043c\u043e\u0433\u0443\u0442 \u0431\u044b\u0442\u044c \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u043d\u044b \u0434\u0430\u0436\u0435 \u0432 \u0441\u0446\u0435\u043d\u0430\u0440\u0438\u044f\u0445, \u043a\u043e\u0433\u0434\u0430 \u0441\u0435\u0440\u0432\u0435\u0440 \u043d\u0435 \u044f\u0432\u043b\u044f\u0435\u0442\u0441\u044f \u043e\u0431\u0449\u0435\u0434\u043e\u0441\u0442\u0443\u043f\u043d\u044b\u043c \u0447\u0435\u0440\u0435\u0437 \u0418\u043d\u0442\u0435\u0440\u043d\u0435\u0442, \u043f\u043e\u0441\u043a\u043e\u043b\u044c\u043a\u0443 \u043e\u0431\u0449\u0435\u0434\u043e\u0441\u0442\u0443\u043f\u043d\u044b\u0439 \u0446\u0435\u043d\u0442\u0440 \u043e\u0431\u043d\u043e\u0432\u043b\u0435\u043d\u0438\u0439 Jenkins \u043c\u043e\u0436\u0435\u0442 \u0431\u044b\u0442\u044c \u0441\u043a\u043e\u043c\u043f\u0440\u043e\u043c\u0435\u0442\u0438\u0440\u043e\u0432\u0430\u043d \u0437\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a\u043e\u043c.\n\n\u041e\u0434\u043d\u0430\u043a\u043e \u0434\u043b\u044f \u0443\u0441\u043f\u0435\u0448\u043d\u043e\u0439 \u0440\u0435\u0430\u043b\u0438\u0437\u0430\u0446\u0438\u0438 \u0430\u0442\u0430\u043a\u0438 \u043c\u043e\u0448\u0435\u043d\u043d\u0438\u0447\u0435\u0441\u043a\u0438\u0439 \u043f\u043b\u0430\u0433\u0438\u043d \u0434\u043e\u043b\u0436\u0435\u043d \u0431\u044b\u0442\u044c \u0441\u043e\u0432\u043c\u0435\u0441\u0442\u0438\u043c \u0441 \u0441\u0435\u0440\u0432\u0435\u0440\u043e\u043c Jenkins \u0438 \u043e\u0442\u043e\u0431\u0440\u0430\u0436\u0430\u0442\u044c\u0441\u044f \u043f\u043e\u0432\u0435\u0440\u0445 \u043e\u0441\u043d\u043e\u0432\u043d\u043e\u0433\u043e \u043a\u0430\u043d\u0430\u043b\u0430 \u043d\u0430 \u0441\u0442\u0440\u0430\u043d\u0438\u0446\u0435 Available Plugin Manager.", "creation_timestamp": "2023-03-10T17:00:11.000000Z"}]}