{"vulnerability": "cve-2024-2027", "sightings": [{"uuid": "7557c1fc-bc2e-4c31-89cd-149cfa456568", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-20272", "type": "seen", "source": "Telegram/NHqLzGMxSWWaxh4qv_5hvBRz6nYsonlkC4FDV_cGtBa4JQ", "content": "", "creation_timestamp": "2024-01-11T06:58:45.000000Z"}, {"uuid": "280d6149-5784-4655-9870-290dc6dab0de", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-20272", "type": "seen", "source": "https://t.me/tengkorakcybercrewz/267", "content": "\ud83d\udea8 Cisco patches a serious flaw in Unity Connection (CVE-2024-20272, CVSS 7.3). \n \nDon't let attackers compromise your system. Check if your version is affected and update now. \n \nFull details here \ud83d\udc49 https://thehackernews.com/2024/01/cisco-fixes-high-risk-vulnerability.html", "creation_timestamp": "2024-01-11T08:10:42.000000Z"}, {"uuid": "d3ecfb8c-a8cc-4ee7-9b54-ba0177c18099", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-20272", "type": "seen", "source": "https://t.me/KomunitiSiber/1322", "content": "Cisco Fixes High-Risk Vulnerability Impacting Unity Connection Software\nhttps://thehackernews.com/2024/01/cisco-fixes-high-risk-vulnerability.html\n\nCisco has released software updates to address a critical security flaw impacting Unity Connection that could permit an adversary to execute arbitrary commands on the underlying system.\nTracked as\u00a0CVE-2024-20272\u00a0(CVSS score: 7.3), the vulnerability is an arbitrary file upload bug residing in the web-based management interface and is the result of a lack of authentication in a specific", "creation_timestamp": "2024-01-11T07:26:15.000000Z"}, {"uuid": "0a824c18-ad6b-4489-abef-8a3ed9b1e149", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-20272", "type": "published-proof-of-concept", "source": "https://t.me/breachdetector/419180", "content": "{\n  \"Source\": \"https://exploit.in/\",\n  \"Content\": \"\u041a\u0440\u0438\u0442\u0438\u0447\u0435\u0441\u043a\u0430\u044f \u043e\u0448\u0438\u0431\u043a\u0430 CVE-2024-20272 \u0432 Unity Connection \u043f\u043e\u0437\u0432\u043e\u043b\u044f\u0435\u0442 \u043f\u043e\u043b\u0443\u0447\u0438\u0442\u044c root-\u043f\u0440\u0430\u0432\u0430 \u0431\u0435\u0437 \u043f\u0430\u0440\u043e\u043b\u044f\", \n  \"author\": \"News Support\",\n  \"Detection Date\": \"12 Jan 2024\",\n  \"Type\": \"Data leak\"\n}\n\ud83d\udd39 t.me/breachdetector \ud83d\udd39", "creation_timestamp": "2024-01-12T11:11:51.000000Z"}, {"uuid": "1db6664a-319f-4e66-847b-e4a21675c45e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-20272", "type": "seen", "source": "https://t.me/cyberden_team/493", "content": "\ud83d\udca5\u0421\u0430\u043c\u044b\u0435 \u0438\u043d\u0442\u0435\u0440\u0435\u0441\u043d\u044b\u0435 CVE \u0437\u0430 \u044f\u043d\u0432\u0430\u0440\u044c 2024 \u0433\u043e\u0434\u0430\n\n\u0412 \u044d\u0442\u043e\u0439 \u043f\u043e\u0434\u0431\u043e\u0440\u043a\u0435 \u043f\u0440\u0435\u0434\u0441\u0442\u0430\u0432\u043b\u0435\u043d\u044b \u0441\u0430\u043c\u044b\u0435 \u0438\u043d\u0442\u0435\u0440\u0435\u0441\u043d\u044b\u0435 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 \u0437\u0430 \u044f\u043d\u0432\u0430\u0440\u044c 2024 \u0433\u043e\u0434\u0430:\n\nCVE-2024-23897\nCVE-2024-0402 - \u041e\u0446\u0435\u043d\u043a\u0430 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 \u043f\u043e\u00a0\u0448\u043a\u0430\u043b\u0435 CVSS 3.1 \u2014\u00a09.9\u00a0\u0431\u0430\u043b\u043b\u043e\u0432.\nCVE-2024-0204 - \u041e\u0446\u0435\u043d\u043a\u0430 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 \u043f\u043e\u00a0\u0448\u043a\u0430\u043b\u0435 CVSS 3.1 \u2014\u00a09.8\u00a0\u0431\u0430\u043b\u043b\u043e\u0432.\nCVE-2024-0230 - \u041e\u0446\u0435\u043d\u043a\u0430 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 \u043f\u043e\u00a0\u0448\u043a\u0430\u043b\u0435 CVSS 3.1 \u2014\u00a02.4\u00a0\u0431\u0430\u043b\u043b\u0430.\nCVE-2024-20253 - \u041e\u0446\u0435\u043d\u043a\u0430 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 \u043f\u043e\u00a0\u0448\u043a\u0430\u043b\u0435 CVSS 3.1 \u2014\u00a09.9\u00a0\u0431\u0430\u043b\u043b\u0430.\nCVE-2024-20272 - \u041e\u0446\u0435\u043d\u043a\u0430 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 \u043f\u043e\u00a0\u0448\u043a\u0430\u043b\u0435 CVSS 3.1 \u2014\u00a07.3\u00a0\u0431\u0430\u043b\u043b\u0430.\nCVE-2024-21591 - \u041e\u0446\u0435\u043d\u043a\u0430 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 \u043f\u043e\u00a0\u0448\u043a\u0430\u043b\u0435 CVSS 3.1 \u2014\u00a09.8\u00a0\u0431\u0430\u043b\u043b\u043e\u0432.\nCVE-2024-0200 - \u041e\u0446\u0435\u043d\u043a\u0430 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 \u043f\u043e\u00a0\u0448\u043a\u0430\u043b\u0435 CVSS 3.1 \u2014\u00a09.8\u00a0\u0431\u0430\u043b\u043b\u043e\u0432.\nCVE-2024-0507 - \u041e\u0446\u0435\u043d\u043a\u0430 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 \u043f\u043e\u00a0\u0448\u043a\u0430\u043b\u0435 CVSS 3.1 \u2014\u00a08.8\u00a0\u0431\u0430\u043b\u043b\u043e\u0432.\nCVE-2024-21737 - \u041e\u0446\u0435\u043d\u043a\u0430 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 \u043f\u043e\u00a0\u0448\u043a\u0430\u043b\u0435 CVSS 3.1 \u2014\u00a09.1\u00a0\u0431\u0430\u043b\u043b\u0430.\nCVE-2024-21672 - \u041e\u0446\u0435\u043d\u043a\u0430 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 \u043f\u043e\u00a0\u0448\u043a\u0430\u043b\u0435 CVSS 3.1 \u2014\u00a08.8\u00a0\u0431\u0430\u043b\u043b\u043e\u0432.\nCVE-2024-21673 - \u041e\u0446\u0435\u043d\u043a\u0430 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 \u043f\u043e\u00a0\u0448\u043a\u0430\u043b\u0435 CVSS 3.1 \u2014\u00a08.8\u00a0\u0431\u0430\u043b\u043b\u043e\u0432.\nCVE-2024-21674 - \u041e\u0446\u0435\u043d\u043a\u0430 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 \u043f\u043e\u00a0\u0448\u043a\u0430\u043b\u0435 CVSS 3.1 \u2014\u00a07.5\u00a0\u0431\u0430\u043b\u043b\u043e\u0432.\nCVE-2024-22197 - \u041e\u0446\u0435\u043d\u043a\u0430 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 \u043f\u043e\u00a0\u0448\u043a\u0430\u043b\u0435 CVSS 3.1 \u2014\u00a08.8\u00a0\u0431\u0430\u043b\u043b\u043e\u0432.\nCVE-2024-22198 - \u041e\u0446\u0435\u043d\u043a\u0430 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 \u043f\u043e\u00a0\u0448\u043a\u0430\u043b\u0435 CVSS 3.1 \u2014\u00a08.8\u00a0\u0431\u0430\u043b\u043b\u043e\u0432.", "creation_timestamp": "2024-02-12T11:59:05.000000Z"}, {"uuid": "e208a23f-c23e-4c76-adf3-fe9f7c2baaa4", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-20272", "type": "seen", "source": "https://t.me/true_secator/5283", "content": "Cisco \u0438\u0441\u043f\u0440\u0430\u0432\u0438\u043b\u0430 \u043a\u0440\u0438\u0442\u0438\u0447\u0435\u0441\u043a\u0443\u044e \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u0432 \u0440\u0435\u0448\u0435\u043d\u0438\u0438 \u0434\u043b\u044f \u0443\u043d\u0438\u0444\u0438\u0446\u0438\u0440\u043e\u0432\u0430\u043d\u043d\u043e\u0433\u043e \u043e\u0431\u043c\u0435\u043d\u0430 \u0441\u043e\u043e\u0431\u0449\u0435\u043d\u0438\u044f\u043c\u0438 \u0438 \u0433\u043e\u043b\u043e\u0441\u043e\u0432\u043e\u0439 \u043f\u043e\u0447\u0442\u044b Unity Connection.\n\nCVE-2024-20272, \u043c\u043e\u0436\u0435\u0442 \u0431\u044b\u0442\u044c \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u043d\u0430 \u0443\u0434\u0430\u043b\u0435\u043d\u043d\u043e, \u0431\u0435\u0437 \u0430\u0443\u0442\u0435\u043d\u0442\u0438\u0444\u0438\u043a\u0430\u0446\u0438\u0438, \u0434\u043b\u044f \u0437\u0430\u0433\u0440\u0443\u0437\u043a\u0438 \u043f\u0440\u043e\u0438\u0437\u0432\u043e\u043b\u044c\u043d\u044b\u0445 \u0444\u0430\u0439\u043b\u043e\u0432 \u0432 \u0441\u0438\u0441\u0442\u0435\u043c\u0443, \u0432\u044b\u043f\u043e\u043b\u043d\u0435\u043d\u0438\u044f \u043a\u043e\u043c\u0430\u043d\u0434 \u0432 \u0431\u0430\u0437\u043e\u0432\u043e\u0439 \u043e\u043f\u0435\u0440\u0430\u0446\u0438\u043e\u043d\u043d\u043e\u0439 \u0441\u0438\u0441\u0442\u0435\u043c\u0435 \u0438 \u043f\u043e\u0432\u044b\u0448\u0435\u043d\u0438\u044f \u043f\u0440\u0438\u0432\u0438\u043b\u0435\u0433\u0438\u0439 \u0434\u043e root.\n\n\u041e\u043d\u0430 \u0441\u0432\u044f\u0437\u0430\u043d\u0430 \u0441 \u043e\u0442\u0441\u0443\u0442\u0441\u0442\u0432\u0438\u0435\u043c \u0430\u0443\u0442\u0435\u043d\u0442\u0438\u0444\u0438\u043a\u0430\u0446\u0438\u0438 \u0432 \u043a\u043e\u043d\u043a\u0440\u0435\u0442\u043d\u043e\u043c API \u0438 \u043d\u0435\u043f\u0440\u0430\u0432\u0438\u043b\u044c\u043d\u043e\u0439 \u043f\u0440\u043e\u0432\u0435\u0440\u043a\u043e\u0439 \u0434\u0430\u043d\u043d\u044b\u0445, \u043f\u0440\u0435\u0434\u043e\u0441\u0442\u0430\u0432\u043b\u0435\u043d\u043d\u044b\u0445 \u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u0442\u0435\u043b\u0435\u043c.\n\nCisco Unity Connection 12.5.1.19017-4 \u0438 14.0.1.14006-5 \u0443\u0441\u0442\u0440\u0430\u043d\u044f\u044e\u0442 \u044d\u0442\u043e\u0442 \u043d\u0435\u0434\u043e\u0441\u0442\u0430\u0442\u043e\u043a, \u043d\u043e \u043e\u0431\u0435 \u044f\u0432\u043b\u044f\u044e\u0442\u0441\u044f \u0441\u043f\u0435\u0446\u0438\u0430\u043b\u044c\u043d\u044b\u043c\u0438 \u0438\u043d\u0436\u0435\u043d\u0435\u0440\u043d\u044b\u043c\u0438 \u0432\u044b\u043f\u0443\u0441\u043a\u0430\u043c\u0438, \u043f\u043e\u044d\u0442\u043e\u043c\u0443 \u043a\u043b\u0438\u0435\u043d\u0442\u0430\u043c \u0440\u0435\u043a\u043e\u043c\u0435\u043d\u0434\u0443\u0435\u0442\u0441\u044f \u0441\u0432\u044f\u0437\u0430\u0442\u044c\u0441\u044f \u0441 \u0442\u0435\u0445\u043f\u043e\u0434\u0434\u0435\u0440\u0436\u043a\u043e\u0439, \u0447\u0442\u043e\u0431\u044b \u043f\u043e\u043b\u0443\u0447\u0438\u0442\u044c \u0438\u0445.\n\n\u041f\u043e \u0434\u0430\u043d\u043d\u044b\u043c Cisco, \u043e\u0431\u0445\u043e\u0434\u043d\u044b\u0445 \u043f\u0443\u0442\u0435\u0439 \u0434\u043b\u044f \u044d\u0442\u043e\u0439 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 \u043d\u0435 \u0441\u0443\u0449\u0435\u0441\u0442\u0432\u0443\u0435\u0442.\u00a0\u041f\u043e\u0441\u0442\u0430\u0432\u0449\u0438\u043a\u0443 \u043d\u0438\u0447\u0435\u0433\u043e \u043d\u0435 \u0438\u0437\u0432\u0435\u0441\u0442\u043d\u043e \u043e \u043a\u0430\u043a\u043e\u043c-\u043b\u0438\u0431\u043e \u0440\u0435\u0430\u043b\u044c\u043d\u043e\u043c \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u043d\u0438\u0438 \u044d\u0442\u043e\u0439 \u043e\u0448\u0438\u0431\u043a\u0438.\n\n\u041a\u0440\u043e\u043c\u0435 \u0442\u043e\u0433\u043e, \u0432 \u0441\u0440\u0435\u0434\u0443 \u043a\u043e\u043c\u043f\u0430\u043d\u0438\u044f \u043f\u0440\u0435\u0434\u0443\u043f\u0440\u0435\u0434\u0438\u043b\u0430, \u0447\u0442\u043e \u0431\u044b\u043b \u0432\u044b\u043f\u0443\u0449\u0435\u043d PoC \u0434\u043b\u044f \u0434\u0435\u0444\u0435\u043a\u0442\u0430 \u0431\u0435\u0437\u043e\u043f\u0430\u0441\u043d\u043e\u0441\u0442\u0438 \u0441\u0440\u0435\u0434\u043d\u0435\u0439 \u0441\u0435\u0440\u044c\u0435\u0437\u043d\u043e\u0441\u0442\u0438 \u0432 WAP371 Wireless-AC/N, \u043f\u0440\u043e\u0438\u0437\u0432\u043e\u0434\u0441\u0442\u0432\u043e \u043a\u043e\u0442\u043e\u0440\u043e\u0439 \u0431\u044b\u043b\u043e \u043f\u0440\u0435\u043a\u0440\u0430\u0449\u0435\u043d\u043e.\n\n\u0423\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c, \u043e\u0442\u0441\u043b\u0435\u0436\u0438\u0432\u0430\u0435\u043c\u0430\u044f \u043a\u0430\u043a CVE-2024-20287, \u0432\u043b\u0438\u044f\u0435\u0442 \u043d\u0430 \u0432\u0435\u0431-\u0438\u043d\u0442\u0435\u0440\u0444\u0435\u0439\u0441 \u0443\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u0438\u044f \u0443\u0441\u0442\u0440\u043e\u0439\u0441\u0442\u0432\u0430\u043c\u0438 WAP371 \u0441 \u0435\u0434\u0438\u043d\u043e\u0439 \u0442\u043e\u0447\u043a\u043e\u0439 \u043d\u0430\u0441\u0442\u0440\u043e\u0439\u043a\u0438.\n\n\u041e\u0448\u0438\u0431\u043a\u0430 \u043f\u043e\u0437\u0432\u043e\u043b\u044f\u0435\u0442 \u0437\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a\u0443, \u0430\u0443\u0442\u0435\u043d\u0442\u0438\u0444\u0438\u0446\u0438\u0440\u043e\u0432\u0430\u043d\u043d\u043e\u043c\u0443 \u043a\u0430\u043a \u0430\u0434\u043c\u0438\u043d\u0438\u0441\u0442\u0440\u0430\u0442\u043e\u0440, \u043e\u0442\u043f\u0440\u0430\u0432\u043b\u044f\u0442\u044c \u0441\u043e\u0437\u0434\u0430\u043d\u043d\u044b\u0435 HTTP-\u0437\u0430\u043f\u0440\u043e\u0441\u044b \u043a \u0438\u043d\u0442\u0435\u0440\u0444\u0435\u0439\u0441\u0443 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0433\u043e \u0443\u0441\u0442\u0440\u043e\u0439\u0441\u0442\u0432\u0430 \u0434\u043b\u044f \u0432\u044b\u043f\u043e\u043b\u043d\u0435\u043d\u0438\u044f \u043f\u0440\u043e\u0438\u0437\u0432\u043e\u043b\u044c\u043d\u044b\u0445 \u043a\u043e\u043c\u0430\u043d\u0434 \u0441 \u043f\u0440\u0430\u0432\u0430\u043c\u0438 root.\n\n\u0412 2019 \u0433\u043e\u0434\u0443 WAP371 \u0434\u043e\u0441\u0442\u0438\u0433 \u0441\u0442\u0430\u0442\u0443\u0441\u0430 EOL \u0438 \u043d\u0430\u0447\u0438\u043d\u0430\u044f \u0441 \u0441\u0435\u043d\u0442\u044f\u0431\u0440\u044f 2020 \u0433\u043e\u0434\u0430 \u043d\u0438\u043a\u0430\u043a\u0438\u0445 \u043e\u0431\u043d\u043e\u0432\u043b\u0435\u043d\u0438\u0439 \u041f\u041e \u0438\u043b\u0438 \u0438\u0441\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u0438\u0439 \u0431\u043e\u043b\u044c\u0448\u0435 \u043d\u0435 \u043f\u043e\u0441\u0442\u0430\u0432\u043b\u044f\u0435\u0442\u0441\u044f.\n\n\u041a\u043e\u043c\u043f\u0430\u043d\u0438\u044f \u0440\u0435\u043a\u043e\u043c\u0435\u043d\u0434\u0443\u0435\u0442 \u043a\u043b\u0438\u0435\u043d\u0442\u0430\u043c, \u0432\u0441\u0435 \u0435\u0449\u0435 \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u0443\u044e\u0449\u0438\u043c \u0435\u0435, \u043f\u0435\u0440\u0435\u0439\u0442\u0438 \u043d\u0430 Cisco Business 240AC. \u0422\u0435\u043c \u043d\u0435 \u043c\u0435\u043d\u0435\u0435, Cisco (PSIRT) \u043d\u0435 \u043d\u0430\u0431\u043b\u044e\u0434\u0430\u043b\u0430 \u0437\u043b\u043e\u043d\u0430\u043c\u0435\u0440\u0435\u043d\u043d\u043e\u0433\u043e \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u043d\u0438\u044f \u044d\u0442\u043e\u0439 \u043e\u0448\u0438\u0431\u043a\u0438.\n\n\u041d\u0430 \u043d\u0435\u0434\u0435\u043b\u0435 \u043a\u043e\u043c\u043f\u0430\u043d\u0438\u044f \u0442\u0430\u043a\u0436\u0435 \u0430\u043d\u043e\u043d\u0441\u0438\u0440\u043e\u0432\u0430\u043b\u0430 \u0438\u0441\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u0438\u044f \u0434\u043b\u044f \u043d\u0435\u0441\u043a\u043e\u043b\u044c\u043a\u0438\u0445 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0435\u0439 \u0441\u0440\u0435\u0434\u043d\u0435\u0439 \u0441\u0442\u0435\u043f\u0435\u043d\u0438 \u0441\u0435\u0440\u044c\u0435\u0437\u043d\u043e\u0441\u0442\u0438 \u0432 TelePresence Management Suite, ThousandEyes Enterprise Agent, Evolved Programmable Network Manager \u0438 Prime Infrastructure, \u043f\u043b\u0430\u0442\u0444\u043e\u0440\u043c\u0435 BroadWorks \u0438 Identity Services Engine.", "creation_timestamp": "2024-01-11T16:30:05.000000Z"}, {"uuid": "b8674fea-19c5-4023-97ec-0ca86523609e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-20270", "type": "seen", "source": "https://t.me/ctinow/174987", "content": "https://ift.tt/en8KAXl\nCVE-2024-20270 | Cisco BroadWorks Application Delivery Platform Web-based Management Interface cross site scripting (cisco-sa-broadworks-xss-6syj82Ju)", "creation_timestamp": "2024-01-28T18:01:41.000000Z"}, {"uuid": "ac907704-db7f-487b-974b-8d9e1403f74b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-20272", "type": "seen", "source": "https://t.me/ctinow/166338", "content": "https://ift.tt/bUx1NWP\nCisco fixed critical Unity Connection vulnerability CVE-2024-20272", "creation_timestamp": "2024-01-11T07:51:25.000000Z"}, {"uuid": "37a95283-5876-4f60-9b05-89ce0e5fb772", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-20272", "type": "seen", "source": "https://t.me/thehackernews/4381", "content": "\ud83d\udea8 Cisco patches a serious flaw in Unity Connection (CVE-2024-20272, CVSS 7.3). \n \nDon't let attackers compromise your system. Check if your version is affected and update now. \n \nFull details here \ud83d\udc49 https://thehackernews.com/2024/01/cisco-fixes-high-risk-vulnerability.html", "creation_timestamp": "2024-01-11T05:58:53.000000Z"}, {"uuid": "c25377f8-5e5a-4449-8428-0ccd68c87a1f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-20272", "type": "seen", "source": "https://t.me/HelangMerahGroup/242", "content": "\ud83d\udea8 Cisco patches a serious flaw in Unity Connection (CVE-2024-20272, CVSS 7.3). \n \nDon't let attackers compromise your system. Check if your version is affected and update now. \n \nFull details here \ud83d\udc49 https://thehackernews.com/2024/01/cisco-fixes-high-risk-vulnerability.html", "creation_timestamp": "2024-01-11T08:54:24.000000Z"}, {"uuid": "06ae62a2-e7f7-4f46-bafe-98ed2df33698", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-20277", "type": "seen", "source": "https://t.me/ctinow/174977", "content": "https://ift.tt/3kaD5AU\nCVE-2024-20277 | Cisco ThousandEyes Enterprise Agent Virtual Appliance Web-based Management Interface Privilege Escalation (cisco-sa-thouseyes-privesc-DmzHG3Qv)", "creation_timestamp": "2024-01-28T16:26:54.000000Z"}, {"uuid": "6062debf-0a92-4a64-a35a-e174e89eb935", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-20272", "type": "seen", "source": "https://t.me/ctinow/174976", "content": "https://ift.tt/DtRJdAr\nCVE-2024-20272 | Cisco Unity Connection unrestricted upload (cisco-sa-cuc-unauth-afu-FROYsCsD)", "creation_timestamp": "2024-01-28T16:26:53.000000Z"}, {"uuid": "e2c0dcec-11d3-4762-92ae-da420ff3e9f1", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-20277", "type": "seen", "source": "https://t.me/ctinow/169409", "content": "https://ift.tt/Q0VGgZl\nCVE-2024-20277", "creation_timestamp": "2024-01-17T18:27:31.000000Z"}, {"uuid": "41328d4e-2ce5-4cd7-89e3-853f09bb0d1c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-20272", "type": "seen", "source": "https://t.me/ctinow/169408", "content": "https://ift.tt/k06xDvX\nCVE-2024-20272", "creation_timestamp": "2024-01-17T18:27:28.000000Z"}, {"uuid": "548d6a64-43e7-4753-a6fc-a39276597cd2", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-20270", "type": "seen", "source": "https://t.me/ctinow/169407", "content": "https://ift.tt/mMdVQAv\nCVE-2024-20270", "creation_timestamp": "2024-01-17T18:27:26.000000Z"}, {"uuid": "4516e83f-2093-45bc-919b-ebe32ae918cf", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-20272", "type": "seen", "source": "https://t.me/ctinow/166521", "content": "https://ift.tt/E5lJrfP\nCritical Cisco Unity Connection flaw gives attackers root privileges. Patch now! (CVE-2024-20272)", "creation_timestamp": "2024-01-11T14:02:16.000000Z"}, {"uuid": "64e85e74-cf3c-4349-8efd-eac64c28518e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-20272", "type": "seen", "source": "https://t.me/xakep_ru/15226", "content": "Cisco \u0438\u0441\u043f\u0440\u0430\u0432\u043b\u044f\u0435\u0442 \u043e\u043f\u0430\u0441\u043d\u0443\u044e \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u0432 Unity Connection\n\n\u0420\u0430\u0437\u0440\u0430\u0431\u043e\u0442\u0447\u0438\u043a\u0438 Cisco \u0432\u044b\u043f\u0443\u0441\u0442\u0438\u043b\u0438 \u043f\u0430\u0442\u0447\u0438 \u0434\u043b\u044f \u0443\u0441\u0442\u0440\u0430\u043d\u0435\u043d\u0438\u044f \u043a\u0440\u0438\u0442\u0438\u0447\u0435\u0441\u043a\u043e\u0439 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 \u0432 Unity Connection. \u041f\u0440\u043e\u0431\u043b\u0435\u043c\u0430 \u043f\u043e\u043b\u0443\u0447\u0438\u043b\u0430 \u0438\u0434\u0435\u043d\u0442\u0438\u0444\u0438\u043a\u0430\u0442\u043e\u0440 CVE-2024-20272 \u0438 \u043c\u043e\u0436\u0435\u0442 \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u0442\u044c\u0441\u044f \u0443\u0434\u0430\u043b\u0435\u043d\u043d\u043e, \u0431\u0435\u0437 \u0430\u0443\u0442\u0435\u043d\u0442\u0438\u0444\u0438\u043a\u0430\u0446\u0438\u0438, \u0434\u043b\u044f \u0437\u0430\u0433\u0440\u0443\u0437\u043a\u0438 \u043f\u0440\u043e\u0438\u0437\u0432\u043e\u043b\u044c\u043d\u044b\u0445 \u0444\u0430\u0439\u043b\u043e\u0432, \u0432\u044b\u043f\u043e\u043b\u043d\u0435\u043d\u0438\u044f \u043a\u043e\u043c\u0430\u043d\u0434 \u0438 \u043f\u043e\u0432\u044b\u0448\u0435\u043d\u0438\u044f \u043f\u0440\u0438\u0432\u0438\u043b\u0435\u0433\u0438\u0439 \u0434\u043e \u0443\u0440\u043e\u0432\u043d\u044f root.\n\nhttps://xakep.ru/2024/01/12/unity-connection-patch/", "creation_timestamp": "2024-01-12T16:04:30.000000Z"}, {"uuid": "aad42058-655d-4466-b65b-3dd2e662a78c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-20275", "type": "seen", "source": "https://t.me/cvedetector/8737", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2024-20275 - \"Cisco Secure Firewall Management Center (FMC) Command Execution Vulnerability\"\", \n  \"Content\": \"CVE ID : CVE-2024-20275 \nPublished : Oct. 23, 2024, 5:15 p.m. | 33\u00a0minutes ago \nDescription : A vulnerability in the cluster backup feature of Cisco Secure Firewall Management Center (FMC) Software, formerly Firepower Management Center Software, could allow an authenticated, remote attacker to execute arbitrary commands on the underlying operating system.  \n  \nThis vulnerability is due to insufficient validation of user data that is supplied through the web-based management interface. An attacker could exploit this vulnerability by sending a crafted HTTP request to an affected device. A successful exploit could allow the attacker to execute arbitrary operating system commands on the affected device. To exploit this vulnerability, an attacker would need valid credentials for a user account with at least the role of Network Administrator. In addition, the attacker would need to persuade a legitimate user to initiate a cluster backup on the affected device. \nSeverity: 6.1 | MEDIUM \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"23 Oct 2024\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2024-10-23T19:54:37.000000Z"}, {"uuid": "b9debb8b-a552-4eb9-8bd3-6a730ebc7aaf", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-20274", "type": "seen", "source": "https://t.me/cvedetector/8736", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2024-20274 - Cisco Secure Firewall Management Center (FMC) Software HTML Injection Vulnerability\", \n  \"Content\": \"CVE ID : CVE-2024-20274 \nPublished : Oct. 23, 2024, 5:15 p.m. | 33\u00a0minutes ago \nDescription : A vulnerability in the web-based management interface of Cisco Secure Firewall Management Center (FMC) Software, formerly Firepower Management Center Software, could allow an authenticated, remote attacker to inject arbitrary HTML content into a device-generated document.  \n  \nThis vulnerability is due to improper validation of user-supplied data. An attacker could exploit this vulnerability by submitting malicious content to an affected device and using the device to generate a document that contains sensitive information. A successful exploit could allow the attacker to alter the standard layout of the device-generated documents, access arbitrary files from the underlying operating system, and conduct server-side request forgery (SSRF) attacks. To successfully exploit this vulnerability, an attacker would need valid credentials for a user account with policy-editing permissions, such as Network Admin, Intrusion Admin, or any custom user role with the same capabilities. \nSeverity: 5.5 | MEDIUM \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"23 Oct 2024\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2024-10-23T19:54:36.000000Z"}, {"uuid": "840902c4-5365-458a-805b-6e7e7c9e39ce", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-20279", "type": "seen", "source": "https://t.me/cvedetector/4335", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2024-20279 - Cisco APIC Restricted Security Domain Policy Manipulation\", \n  \"Content\": \"CVE ID : CVE-2024-20279 \nPublished : Aug. 28, 2024, 5:15 p.m. | 34\u00a0minutes ago \nDescription : A vulnerability in the restricted security domain implementation of Cisco Application Policy Infrastructure Controller (APIC) could allow an authenticated, remote attacker to modify the behavior of default system policies, such as quality of service (QoS) policies, on an affected system.\u00a0This vulnerability is due to improper access control when restricted security domains are used to implement multi-tenancy. An attacker with a valid user account associated with a restricted security domain could exploit this vulnerability. A successful exploit could allow the attacker to read, modify, or delete child policies created under default system policies, which are implicitly used by all tenants in the fabric, resulting in disruption of network traffic. Exploitation is not possible for policies under tenants that an attacker has no authorization to access. \nSeverity: 4.3 | MEDIUM \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"28 Aug 2024\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2024-08-28T20:08:53.000000Z"}, {"uuid": "ba54ba8f-3967-4bf4-8ff3-1ddf52757470", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-20272", "type": "seen", "source": "https://t.me/HelangMerahGroup/1198", "content": "\ud83d\udea8 Cisco patches a serious flaw in Unity Connection (CVE-2024-20272, CVSS 7.3). \n \nDon't let attackers compromise your system. Check if your version is affected and update now. \n \nFull details here \ud83d\udc49 https://thehackernews.com/2024/01/cisco-fixes-high-risk-vulnerability.html", "creation_timestamp": "2024-01-11T08:54:24.000000Z"}, {"uuid": "510d992d-dbb8-450b-93c1-beb213d574ff", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-20272", "type": "seen", "source": "https://t.me/tengkorakcybercrewz/3097", "content": "\ud83d\udea8 Cisco patches a serious flaw in Unity Connection (CVE-2024-20272, CVSS 7.3). \n \nDon't let attackers compromise your system. Check if your version is affected and update now. \n \nFull details here \ud83d\udc49 https://thehackernews.com/2024/01/cisco-fixes-high-risk-vulnerability.html", "creation_timestamp": "2024-01-11T08:10:42.000000Z"}]}