{"vulnerability": "CVE-2021-3551", "sightings": [{"uuid": "3b9cce44-d77a-41f2-8f67-8bbd244de4e7", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-3551", "type": "seen", "source": "https://t.me/cibsecurity/37593", "content": "\u203c CVE-2021-3551 \u203c\n\nA flaw was found in the PKI-server, where the spkispawn command, when run in debug mode, stores admin credentials in the installation log file. This flaw allows a local attacker to retrieve the file to obtain the admin password and gain admin privileges to the Dogtag CA manager. The highest threat from this vulnerability is to confidentiality.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-02-16T20:36:19.000000Z"}, {"uuid": "f1adc642-d02d-4354-a9f3-dd5f33964562", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-35515", "type": "seen", "source": "https://t.me/cibsecurity/26087", "content": "\u203c CVE-2021-35515 \u203c\n\nWhen reading a specially crafted 7Z archive, the construction of the list of codecs that decompress an entry can result in an infinite loop. This could be used to mount a denial of service attack against services that use Compress' sevenz package.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2021-07-13T12:19:02.000000Z"}, {"uuid": "7bfe76e1-3a7e-48d1-a282-1f160372e274", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-35512", "type": "seen", "source": "https://t.me/cibsecurity/30947", "content": "\u203c CVE-2021-35512 \u203c\n\nAn SSRF issue was discovered in Zoho ManageEngine Applications Manager build 15200.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2021-10-21T16:36:47.000000Z"}, {"uuid": "fd69d06d-ab33-4a93-a5ea-1fc1290b342b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-35513", "type": "seen", "source": "https://t.me/cibsecurity/25727", "content": "\u203c CVE-2021-35513 \u203c\n\nMermaid before 8.11.0 allows XSS when the antiscript feature is used.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2021-06-27T16:21:34.000000Z"}]}