{"vulnerability": "ghsa-4248-p65p-hcrm", "sightings": [{"uuid": "04045981-007a-4761-b401-8dc968b123e1", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "GHSA-4248-P65P-HCRM", "type": "seen", "source": "https://t.me/arpsyndicate/2511", "content": "#ExploitObserverAlert\n\nGHSA-4248-p65p-hcrm\n\nDESCRIPTION: Exploit Observer has 2 entries related to GHSA-4248-P65P-HCRM. CubeFS used an insecure random string generator to generate user-specific, sensitive keys used to authenticate users in a CubeFS deployment. This could allow an attacker to predict and/or guess the generated string and impersonate a user thereby obtaining higher privileges.\n\nGHSS: 6.5", "creation_timestamp": "2024-01-05T18:53:33.000000Z"}, {"uuid": "d0dfd671-ce50-4961-8e18-390d35322f02", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "GHSA-4248-P65P-HCRM", "type": "seen", "source": "https://t.me/ctinow/162468", "content": "https://ift.tt/mtxJPEX\n[GHSA-4248-p65p-hcrm] Insecure random string generator used for sensitive data", "creation_timestamp": "2024-01-03T17:26:44.000000Z"}]}