{"vulnerability": "CVE-2022-3435", "sightings": [{"uuid": "49a4e59e-9071-40fa-bcc6-dacc82b43582", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-34355", "type": "seen", "source": "https://t.me/cibsecurity/71768", "content": "\u203c CVE-2022-34355 \u203c\n\nIBM Jazz Foundation (IBM Engineering Lifecycle Management 6.0.6, 6.0.6.1, 7.0, 7.0.1, and 7.0.2) could disclose sensitive version information to a user that could be used in further attacks against the system. IBM X-Force ID: 230498.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-10-07T06:03:04.000000Z"}, {"uuid": "eb6c480c-970a-4262-8a78-e1598da4a9ee", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-3435", "type": "seen", "source": "https://t.me/DarkWebInformer_CVEAlerts/11822", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2022-3435\n\ud83d\udd25 CVSS Score: 4.3 (cvssV3_1, Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N)\n\ud83d\udd39 Description: A vulnerability classified as problematic has been found in Linux Kernel. This affects the function fib_nh_match of the file net/ipv4/fib_semantics.c of the component IPv4 Handler. The manipulation leads to out-of-bounds read. It is possible to initiate the attack remotely. It is recommended to apply a patch to fix this issue. The identifier VDB-210357 was assigned to this vulnerability.\n\ud83d\udccf Published: 2022-10-08T00:00:00.000Z\n\ud83d\udccf Modified: 2025-04-15T13:46:07.987Z\n\ud83d\udd17 References:\n1. https://lore.kernel.org/netdev/20221005181257.8897-1-dsahern%40kernel.org/T/#u\n2. https://vuldb.com/?id.210357\n3. https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/GGHENNMLCWIQV2LLA56BJNFIUZ7WB4IY/\n4. https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/VNN3VFQPECS6D4PS6ZWD7AFXTOSJDSSR/\n5. https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/S2KTU5LFZNQS7YNGE56MT46VHMXL3DD2/\n6. https://lists.debian.org/debian-lts-announce/2022/12/msg00031.html", "creation_timestamp": "2025-04-15T13:54:48.000000Z"}, {"uuid": "ebc7fc41-d45a-456a-af17-a71370368d64", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-34357", "type": "seen", "source": "https://t.me/ctinow/207414", "content": "https://ift.tt/p3EXx5S\nCVE-2022-34357 | IBM Cognos Analytics 11.1.7/11.2.4/12.0.0 HTTP Request allocation of resources (XFDB-230510)", "creation_timestamp": "2024-03-14T04:16:57.000000Z"}, {"uuid": "5a76ab44-8340-4f5d-acff-519526a9e913", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-34354", "type": "seen", "source": "https://t.me/cibsecurity/53040", "content": "\u203c CVE-2022-34354 \u203c\n\nIBM Sterling Partner Engagement Manager 2.0 allows encrypted storage of client data to be stored locally which can be read by another user on the system. IBM X-Force ID: 230424.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-11-17T15:52:56.000000Z"}, {"uuid": "a6bfcd08-2f1d-4fdc-a360-3ecac037ff8d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-34350", "type": "seen", "source": "https://t.me/cibsecurity/57798", "content": "\u203c CVE-2022-34350 \u203c\n\nIBM API Connect 10.0.0.0 through 10.0.5.0, 10.0.1.0 through 10.0.1.7, and 2018.4.1.0 through 2018.4.1.20 is vulnerable to External Service Interaction attack, caused by improper validation of user-supplied input. A remote attacker could exploit this vulnerability to induce the application to perform server-side DNS lookups or HTTP requests to arbitrary domain names. By submitting suitable payloads, an attacker can cause the application server to attack other systems that it can interact with. IBM X-Force ID: 230264.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-02-08T22:25:30.000000Z"}, {"uuid": "3ec723c8-fec0-4e37-a757-0baf84112cc6", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-3435", "type": "seen", "source": "https://t.me/cibsecurity/51051", "content": "\u203c CVE-2022-3435 \u203c\n\nA vulnerability classified as problematic has been found in Linux Kernel. This affects the function fib_nh_match of the file net/ipv4/fib_semantics.c of the component IPv4 Handler. The manipulation leads to out-of-bounds read. It is possible to initiate the attack remotely. It is recommended to apply a patch to fix this issue. The identifier VDB-210357 was assigned to this vulnerability.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-10-08T18:06:39.000000Z"}, {"uuid": "6287f1cd-f7c9-4cf2-a5c9-2e8ec1e2edec", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-34356", "type": "seen", "source": "https://t.me/cibsecurity/49717", "content": "\u203c CVE-2022-34356 \u203c\n\nIBM AIX 7.1, 7.2, 7.3, and VIOS 3.1 could allow a non-privileged local user to exploit a vulnerability in the AIX kernel to obtain root privileges. IBM X-Force ID: 230502.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-09-14T00:25:40.000000Z"}]}