{"vulnerability": "CVE-2024-2224", "sightings": [{"uuid": "4f27bc69-6df3-4cdb-b58c-6ed840172b7d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-22243", "type": "published-proof-of-concept", "source": "https://t.me/DarkWebInformer_CVEAlerts/4312", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2024-22259\n\ud83d\udd25 CVSS Score: 8.0 (CVSS_V3)\n\ud83d\udd39 Description: Applications that use UriComponentsBuilder in Spring Framework\u00a0to parse an externally provided URL (e.g. through a query parameter) AND\u00a0perform validation checks on the host of the parsed URL may be vulnerable to a  open redirect https://cwe.mitre.org/data/definitions/601.html \u00a0attack or to a SSRF attack if the URL is used after passing validation checks.\n\nThis is the same as  CVE-2024-22243 https://spring.io/security/cve-2024-22243, but with different input.\n\ud83d\udccf Published: 2024-03-16T06:30:27Z\n\ud83d\udccf Modified: 2025-02-13T19:05:43Z\n\ud83d\udd17 References:\n1. https://nvd.nist.gov/vuln/detail/CVE-2024-22259\n2. https://github.com/spring-projects/spring-framework/commit/297cbae2990e1413537c55845a7e0ea0ffd9f9bb\n3. https://github.com/spring-projects/spring-framework/commit/381f790329a48b74c2a49fc1384dd68ca9153501\n4. https://github.com/spring-projects/spring-framework/commit/f2fd2f12269c6a781c5b2c20b3c24141055a3d68\n5. https://github.com/spring-projects/spring-framework\n6. https://security.netapp.com/advisory/ntap-20240524-0002\n7. https://spring.io/security/cve-2024-22259", "creation_timestamp": "2025-02-13T19:16:31.000000Z"}, {"uuid": "5f301955-247e-492d-a34d-732693ad4742", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-22243", "type": "published-proof-of-concept", "source": "https://t.me/Kelvinseccommunity/696", "content": "#exploit\n1. Heap exploitation, glibc internals and nifty tricks\nhttps://blog.quarkslab.com/heap-exploitation-glibc-internals-and-nifty-tricks.html\n\n2. CVE-2024-22243:\nURL-parsing vulnerability in Java Spring Framework\nhttps://github.com/SeanPesce/CVE-2024-22243", "creation_timestamp": "2024-08-02T06:46:35.000000Z"}, {"uuid": "080bab42-0293-45ed-87bf-e8a7f0d053bc", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-22243", "type": "published-proof-of-concept", "source": "https://t.me/GithubRedTeam/6661", "content": "GitHub\u76d1\u63a7\u6d88\u606f\u63d0\u9192\uff01\uff01\uff01 \n\n\u66f4\u65b0\u4e86\uff1aCVE-2024\n\u63cf\u8ff0\uff1a env of CVE-2024-22243&CVE-2024-22234\nURL\uff1ahttps://github.com/shellfeel/CVE-2024-22243-CVE-2024-22234\n\n\u6807\u7b7e\uff1a#CVE-2024", "creation_timestamp": "2024-02-23T10:13:50.000000Z"}, {"uuid": "907c1d1b-ee56-4361-83fa-b62c6ffff6f7", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-22243", "type": "published-proof-of-concept", "source": "https://t.me/DarkWebInformer_CVEAlerts/4331", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2024-22262\n\ud83d\udd25 CVSS Score: 8.0 (CVSS_V3)\n\ud83d\udd39 Description: Applications that use UriComponentsBuilder\u00a0to parse an externally provided URL (e.g. through a query parameter) AND\u00a0perform validation checks on the host of the parsed URL may be vulnerable to a  open redirect https://cwe.mitre.org/data/definitions/601.html \u00a0attack or to a SSRF attack if the URL is used after passing validation checks.\n\nThis is the same as  CVE-2024-22259 https://spring.io/security/cve-2024-22259 \u00a0and  CVE-2024-22243 https://spring.io/security/cve-2024-22243 , but with different input.\n\ud83d\udccf Published: 2024-04-16T06:30:28Z\n\ud83d\udccf Modified: 2025-02-13T19:00:56Z\n\ud83d\udd17 References:\n1. https://nvd.nist.gov/vuln/detail/CVE-2024-22262\n2. https://github.com/spring-projects/spring-framework\n3. https://github.com/spring-projects/spring-framework/blob/main/spring-web/src/main/java/org/springframework/web/util/UriComponentsBuilder.java\n4. https://security.netapp.com/advisory/ntap-20240524-0003\n5. https://spring.io/security/cve-2024-22262", "creation_timestamp": "2025-02-13T19:21:07.000000Z"}, {"uuid": "a7f91d38-52c5-4e57-a102-ec834066fe17", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-22243", "type": "published-proof-of-concept", "source": "https://t.me/GithubRedTeam/7352", "content": "GitHub\u76d1\u63a7\u6d88\u606f\u63d0\u9192\uff01\uff01\uff01 \n\n\u66f4\u65b0\u4e86\uff1aCVE-2024\n\u63cf\u8ff0\uff1aExample exploitable scenarios for CVE-2024-22243 affecting the Spring framework (open redirect & SSRF).\nURL\uff1ahttps://github.com/SeanPesce/CVE-2024-22243\n\n\u6807\u7b7e\uff1a#CVE-2024", "creation_timestamp": "2024-05-20T13:16:30.000000Z"}, {"uuid": "784d8f02-fa35-4f2b-8796-d3e89d8f458a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-22243", "type": "published-proof-of-concept", "source": "https://t.me/HackerArsenal/101", "content": "#exploit\n1. Heap exploitation, glibc internals and nifty tricks\nhttps://blog.quarkslab.com/heap-exploitation-glibc-internals-and-nifty-tricks.html\n\n2. CVE-2024-22243:\nURL-parsing vulnerability in Java Spring Framework\nhttps://github.com/SeanPesce/CVE-2024-22243", "creation_timestamp": "2024-08-02T06:43:34.000000Z"}, {"uuid": "c1f1ba61-e0ce-43ff-b9b9-c8537613dfbe", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-22245", "type": "seen", "source": "Telegram/5uCXc0_4cqtBZOg5zF2sxq4NGhKkrJ5GBpEaTCk2dTGPDw", "content": "", "creation_timestamp": "2024-02-21T08:17:21.000000Z"}, {"uuid": "7dffc65a-ae77-4134-b358-2f9acbf8434c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-22243", "type": "published-proof-of-concept", "source": "Telegram/aytDRNJAYRLkAGcpQSQjKrOvI8GFZ0fpnyB27o0JUgg", "content": "", "creation_timestamp": "2024-08-02T06:45:55.000000Z"}, {"uuid": "a77e2934-298c-457c-abca-5a2812f77e5f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-22243", "type": "seen", "source": "https://t.me/arpsyndicate/4683", "content": "#ExploitObserverAlert\n\nCVE-2024-22262\n\nDESCRIPTION: Exploit Observer has 4 entries in 2 file formats related to CVE-2024-22262. Applications that use UriComponentsBuilder\u00a0to parse an externally provided URL (e.g. through a query parameter) AND\u00a0perform validation checks on the host of the parsed URL may be vulnerable to a  open redirect https://cwe.mitre.org/data/definitions/601.html \u00a0attack or to a SSRF attack if the URL is used after passing validation checks.  This is the same as  CVE-2024-22259 https://spring.io/security/cve-2024-22259 \u00a0and  CVE-2024-22243 https://spring.io/security/cve-2024-22243 , but with different input.\n\nFIRST-EPSS: 0.000430000\nARPS-EXPLOITABILITY: 0.701451", "creation_timestamp": "2024-04-18T04:35:44.000000Z"}, {"uuid": "e5e2de14-6e8e-4637-9c5a-4a02aaaa61eb", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-22245", "type": "seen", "source": "https://t.me/arpsyndicate/3825", "content": "#ExploitObserverAlert\n\nCVE-2024-22245\n\nDESCRIPTION: Exploit Observer has 1 entries in 1 file formats related to CVE-2024-22245. Arbitrary Authentication Relay and Session Hijack vulnerabilities in the deprecated VMware Enhanced Authentication Plug-in (EAP) could allow\u00a0a\u00a0malicious actor that could trick a target domain user with EAP installed in their web browser into requesting and relaying service tickets for arbitrary Active Directory Service Principal Names (SPNs).", "creation_timestamp": "2024-02-21T14:59:34.000000Z"}, {"uuid": "f93aa822-cd84-4259-9884-d086e06454a0", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-22245", "type": "seen", "source": "Telegram/FaWRITNnsZ9FNJZV9cqRf_UkilMmvDXY1X1kGeI-4NJd7w", "content": "", "creation_timestamp": "2024-02-21T07:40:18.000000Z"}, {"uuid": "4415c27e-b3ca-478c-b465-b96280575116", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-22243", "type": "seen", "source": "https://t.me/arpsyndicate/4730", "content": "#ExploitObserverAlert\n\nCVE-2024-22262\n\nDESCRIPTION: Exploit Observer has 26 entries in 6 file formats related to CVE-2024-22262. Applications that use UriComponentsBuilder\u00a0to parse an externally provided URL (e.g. through a query parameter) AND\u00a0perform validation checks on the host of the parsed URL may be vulnerable to a  open redirect https://cwe.mitre.org/data/definitions/601.html \u00a0attack or to a SSRF attack if the URL is used after passing validation checks.  This is the same as  CVE-2024-22259 https://spring.io/security/cve-2024-22259 \u00a0and  CVE-2024-22243 https://spring.io/security/cve-2024-22243 , but with different input.\n\nFIRST-EPSS: 0.000430000\nARPS-PRIORITY: 0.710172", "creation_timestamp": "2024-04-20T18:55:00.000000Z"}, {"uuid": "e4275d6c-bf26-444a-ab8e-2ec06892cc6d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-22243", "type": "published-proof-of-concept", "source": "Telegram/xR1jS9HwiZzXNVW_S-Y9Dwo606EDDevtP4jor7zPHlsRSjM", "content": "", "creation_timestamp": "2025-02-21T10:00:06.000000Z"}, {"uuid": "caa356b0-3029-4b9b-9727-8f147184504c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-22245", "type": "seen", "source": "https://t.me/KomunitiSiber/1522", "content": "VMware Alert: Uninstall EAP Now - Critical Flaw Puts Active Directory at Risk\nhttps://thehackernews.com/2024/02/vmware-alert-uninstall-eap-now-critical.html\n\nVMware is urging users to uninstall the deprecated Enhanced Authentication Plugin (EAP) following the discovery of a critical security flaw.\nTracked as\u00a0CVE-2024-22245\u00a0(CVSS score: 9.6), the vulnerability has been described as an arbitrary authentication relay bug.\n\"A malicious actor could trick a target domain user with EAP installed in their web browser into requesting and relaying", "creation_timestamp": "2024-02-21T07:22:31.000000Z"}, {"uuid": "de55eb06-beaf-4e74-ab87-c1908740e9b2", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-22243", "type": "published-proof-of-concept", "source": "https://t.me/CyberDilara/596", "content": "Tools - Hackers Factory \n\nOffensive_security\n\n1. PANIX - Linux Persistence Tool\ngithub.com/Aegrah/PANIX\n\n2. RedGuard - C2 front flow control tool, can avoid Blue Teams, AVs, EDRs check\n\ngithub.com/wikiZ/RedGuard\n\nThis is a privilege escalation tool (fixed with CVE-2024-38100 in KB5040434) that allows us to leak a user's NetNTLM hash from any session on the computer, even if we are working from a low-privileged user.\n\nhttps://github.com/MzHmO/LeakedWallpaper\n\nLeaked-Credentials\n\nhttps://github.com/h4x0r-dz/Leaked-Credentials\n\nCVE-2024-22243: URL-parsing vulnerability in Java Spring Framework\n\nhttps://github.com/SeanPesce/CVE-2024-22243\n\nTool for monitor Active Directory changes in real time without getting all objects. Instead of this it use replication metadata and Update Sequence Number (USN) to filter current properties of objects.\n\nhttps://github.com/DrunkF0x/ADSpider/tree/main\n\nTorBot\n\nhttps://github.com/DedSecInside/TorBot\n\nCheck for the existence of an email on Google platforms\n\nhttps://github.com/ranlo/check-google-user\n\nADExplorerSnapshot-rs\n\nhttps://github.com/t94j0/adexplorersnapshot-rs\n\n#CyberDilara\nhttps://t.me/CyberDilara", "creation_timestamp": "2024-08-05T06:19:15.000000Z"}, {"uuid": "eaa7ec1d-8c61-4bb6-870f-266d8d118a48", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-22243", "type": "published-proof-of-concept", "source": "https://t.me/GrayHatsHack/8479", "content": "Tools - Hackers Factory \n\nOffensive_security\n\n1. PANIX - Linux Persistence Tool\ngithub.com/Aegrah/PANIX\n\n2. RedGuard - C2 front flow control tool, can avoid Blue Teams, AVs, EDRs check\n\ngithub.com/wikiZ/RedGuard\n\nThis is a privilege escalation tool (fixed with CVE-2024-38100 in KB5040434) that allows us to leak a user's NetNTLM hash from any session on the computer, even if we are working from a low-privileged user.\n\nhttps://github.com/MzHmO/LeakedWallpaper\n\nLeaked-Credentials\n\nhttps://github.com/h4x0r-dz/Leaked-Credentials\n\nCVE-2024-22243: URL-parsing vulnerability in Java Spring Framework\n\nhttps://github.com/SeanPesce/CVE-2024-22243\n\nTool for monitor Active Directory changes in real time without getting all objects. Instead of this it use replication metadata and Update Sequence Number (USN) to filter current properties of objects.\n\nhttps://github.com/DrunkF0x/ADSpider/tree/main\n\nTorBot\n\nhttps://github.com/DedSecInside/TorBot\n\nCheck for the existence of an email on Google platforms\n\nhttps://github.com/ranlo/check-google-user\n\nADExplorerSnapshot-rs\n\nhttps://github.com/t94j0/adexplorersnapshot-rs\n\n#CyberDilara\nhttps://t.me/CyberDilara", "creation_timestamp": "2024-08-05T06:19:41.000000Z"}, {"uuid": "973203d0-9222-482f-bcaf-754e13e5e3ce", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-22243", "type": "published-proof-of-concept", "source": "https://t.me/GrayHatsHack/7166", "content": "Tools - Hackers Factory \n\nOffensive_security\n\n1. PANIX - Linux Persistence Tool\ngithub.com/Aegrah/PANIX\n\n2. RedGuard - C2 front flow control tool, can avoid Blue Teams, AVs, EDRs check\n\ngithub.com/wikiZ/RedGuard\n\nThis is a privilege escalation tool (fixed with CVE-2024-38100 in KB5040434) that allows us to leak a user's NetNTLM hash from any session on the computer, even if we are working from a low-privileged user.\n\nhttps://github.com/MzHmO/LeakedWallpaper\n\nLeaked-Credentials\n\nhttps://github.com/h4x0r-dz/Leaked-Credentials\n\nCVE-2024-22243: URL-parsing vulnerability in Java Spring Framework\n\nhttps://github.com/SeanPesce/CVE-2024-22243\n\nTool for monitor Active Directory changes in real time without getting all objects. Instead of this it use replication metadata and Update Sequence Number (USN) to filter current properties of objects.\n\nhttps://github.com/DrunkF0x/ADSpider/tree/main\n\nTorBot\n\nhttps://github.com/DedSecInside/TorBot\n\nCheck for the existence of an email on Google platforms\n\nhttps://github.com/ranlo/check-google-user\n\nADExplorerSnapshot-rs\n\nhttps://github.com/t94j0/adexplorersnapshot-rs\n\n#CyberDilara\nhttps://t.me/CyberDilara", "creation_timestamp": "2024-08-05T06:19:41.000000Z"}, {"uuid": "d8a8b322-e0c0-43f3-b81b-fb29e75a7746", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-22243", "type": "published-proof-of-concept", "source": "https://t.me/dilagrafie/3610", "content": "Tools - Hackers Factory \n\nOffensive_security\n\n1. PANIX - Linux Persistence Tool\ngithub.com/Aegrah/PANIX\n\n2. RedGuard - C2 front flow control tool, can avoid Blue Teams, AVs, EDRs check\n\ngithub.com/wikiZ/RedGuard\n\nThis is a privilege escalation tool (fixed with CVE-2024-38100 in KB5040434) that allows us to leak a user's NetNTLM hash from any session on the computer, even if we are working from a low-privileged user.\n\nhttps://github.com/MzHmO/LeakedWallpaper\n\nLeaked-Credentials\n\nhttps://github.com/h4x0r-dz/Leaked-Credentials\n\nCVE-2024-22243: URL-parsing vulnerability in Java Spring Framework\n\nhttps://github.com/SeanPesce/CVE-2024-22243\n\nTool for monitor Active Directory changes in real time without getting all objects. Instead of this it use replication metadata and Update Sequence Number (USN) to filter current properties of objects.\n\nhttps://github.com/DrunkF0x/ADSpider/tree/main\n\nTorBot\n\nhttps://github.com/DedSecInside/TorBot\n\nCheck for the existence of an email on Google platforms\n\nhttps://github.com/ranlo/check-google-user\n\nADExplorerSnapshot-rs\n\nhttps://github.com/t94j0/adexplorersnapshot-rs\n\n#CyberDilara\nhttps://t.me/CyberDilara", "creation_timestamp": "2024-08-05T06:19:27.000000Z"}, {"uuid": "e2668915-c356-437b-997c-3955c18d4220", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-22245", "type": "seen", "source": "https://t.me/thehackernews/4578", "content": "\ud83d\udea8 Attention VMware users! \n \nNew flaws identified (CVE-2024-22245 & CVE-2024-22250) in the EAP plugin. Attackers could exploit them to hijack Active Directory accounts and privileged EAP sessions. \n \nUNINSTALL it immediately. \n \nLearn more: https://thehackernews.com/2024/02/vmware-alert-uninstall-eap-now-critical.html", "creation_timestamp": "2024-02-21T06:38:32.000000Z"}, {"uuid": "ec156e74-203a-43d0-ba0f-203c552fb63e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-22240", "type": "seen", "source": "https://t.me/true_secator/5391", "content": "\u0412\u0441\u043b\u0435\u0434 \u0437\u0430 Cisco \u0438 Fortinet, \u0437\u0430\u0432\u0435\u0440\u0448\u0430\u0435\u0442 \u00ab\u0442\u0440\u043e\u0439\u043a\u0443\u00bb \u043d\u0430 \u044d\u0442\u043e\u0439 \u043d\u0435\u0434\u0435\u043b\u0435 VMware, \u043a\u043e\u0442\u043e\u0440\u0430\u044f \u043f\u0440\u0435\u0434\u0443\u043f\u0440\u0435\u0434\u0438\u043b\u0430 \u043e\u00a0\u043f\u044f\u0442\u0438 \u043d\u0435\u0434\u043e\u0441\u0442\u0430\u0442\u043a\u0430\u0445\u00a0\u0432 Aria Operations for Networks (\u0440\u0430\u043d\u0435\u0435 vRealize Network Insight). \u0421\u0440\u0435\u0434\u0438 \u043d\u0438\u0445:\n\n- CVE-2024-22237 (CVSS: 7,8): \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u043b\u043e\u043a\u0430\u043b\u044c\u043d\u043e\u0433\u043e \u043f\u043e\u0432\u044b\u0448\u0435\u043d\u0438\u044f \u043f\u0440\u0438\u0432\u0438\u043b\u0435\u0433\u0438\u0439, \u043a\u043e\u0442\u043e\u0440\u0430\u044f \u043f\u043e\u0437\u0432\u043e\u043b\u044f\u0435\u0442 \u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u0442\u0435\u043b\u044e \u043a\u043e\u043d\u0441\u043e\u043b\u0438 \u043f\u043e\u043b\u0443\u0447\u0430\u0442\u044c \u0440\u0435\u0433\u0443\u043b\u044f\u0440\u043d\u044b\u0439 root-\u0434\u043e\u0441\u0442\u0443\u043f.\n\n- CVE-2024-22238 (CVSS: 6,4): \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u043c\u0435\u0436\u0441\u0430\u0439\u0442\u043e\u0432\u043e\u0433\u043e \u0441\u043a\u0440\u0438\u043f\u0442\u0438\u043d\u0433\u0430 (XSS), \u043f\u043e\u0437\u0432\u043e\u043b\u044f\u044e\u0449\u0430\u044f \u0437\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a\u0443 \u0441 \u043f\u0440\u0430\u0432\u0430\u043c\u0438 \u0430\u0434\u043c\u0438\u043d\u0438\u0441\u0442\u0440\u0430\u0442\u043e\u0440\u0430 \u0432\u043d\u0435\u0434\u0440\u0438\u0442\u044c \u0432\u0440\u0435\u0434\u043e\u043d\u043e\u0441\u043d\u044b\u0439 \u043a\u043e\u0434 \u0432 \u043a\u043e\u043d\u0444\u0438\u0433\u0443\u0440\u0430\u0446\u0438\u0438 \u043f\u0440\u043e\u0444\u0438\u043b\u0435\u0439 \u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u0442\u0435\u043b\u0435\u0439.\n\n- CVE-2024-22239 (CVSS: 5,3): \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u043b\u043e\u043a\u0430\u043b\u044c\u043d\u043e\u0433\u043e \u043f\u043e\u0432\u044b\u0448\u0435\u043d\u0438\u044f \u043f\u0440\u0438\u0432\u0438\u043b\u0435\u0433\u0438\u0439, \u043a\u043e\u0442\u043e\u0440\u0430\u044f \u043f\u043e\u0437\u0432\u043e\u043b\u044f\u0435\u0442 \u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u0442\u0435\u043b\u044e \u043a\u043e\u043d\u0441\u043e\u043b\u0438 \u043f\u043e\u043b\u0443\u0447\u0430\u0442\u044c \u043e\u0431\u044b\u0447\u043d\u044b\u0439 \u0434\u043e\u0441\u0442\u0443\u043f \u043a \u043e\u0431\u043e\u043b\u043e\u0447\u043a\u0435.\n\n- CVE-2024-22240 (CVSS: 4,9): \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u0447\u0442\u0435\u043d\u0438\u044f \u043b\u043e\u043a\u0430\u043b\u044c\u043d\u043e\u0433\u043e \u0444\u0430\u0439\u043b\u0430, \u043a\u043e\u0442\u043e\u0440\u0430\u044f \u043f\u043e\u0437\u0432\u043e\u043b\u044f\u0435\u0442 \u0437\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a\u0443 \u0441 \u043f\u0440\u0430\u0432\u0430\u043c\u0438 \u0430\u0434\u043c\u0438\u043d\u0438\u0441\u0442\u0440\u0430\u0442\u043e\u0440\u0430 \u043f\u043e\u043b\u0443\u0447\u0438\u0442\u044c \u0434\u043e\u0441\u0442\u0443\u043f \u043a \u043a\u043e\u043d\u0444\u0438\u0434\u0435\u043d\u0446\u0438\u0430\u043b\u044c\u043d\u043e\u0439 \u0438\u043d\u0444\u043e\u0440\u043c\u0430\u0446\u0438\u0438.\n\n- CVE-2024-22241 (CVSS: 4,3): \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u043c\u0435\u0436\u0441\u0430\u0439\u0442\u043e\u0432\u043e\u0433\u043e \u0441\u043a\u0440\u0438\u043f\u0442\u0438\u043d\u0433\u0430 (XSS), \u043a\u043e\u0442\u043e\u0440\u0430\u044f \u043f\u043e\u0437\u0432\u043e\u043b\u044f\u0435\u0442 \u0437\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a\u0443 \u0441 \u043f\u0440\u0430\u0432\u0430\u043c\u0438 \u0430\u0434\u043c\u0438\u043d\u0438\u0441\u0442\u0440\u0430\u0442\u043e\u0440\u0430 \u0432\u043d\u0435\u0434\u0440\u0438\u0442\u044c \u0432\u0440\u0435\u0434\u043e\u043d\u043e\u0441\u043d\u044b\u0439 \u043a\u043e\u0434 \u0438 \u0437\u0430\u0432\u043b\u0430\u0434\u0435\u0442\u044c \u0443\u0447\u0435\u0442\u043d\u043e\u0439 \u0437\u0430\u043f\u0438\u0441\u044c\u044e \u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u0442\u0435\u043b\u044f.\n\n\u041f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u0442\u0435\u043b\u044f\u043c VMware Aria Operations for Networks \u0432\u0435\u0440\u0441\u0438\u0438 6.x \u0440\u0435\u043a\u043e\u043c\u0435\u043d\u0434\u0443\u0435\u0442\u0441\u044f\u00a0\u0432\u044b\u043f\u043e\u043b\u043d\u0438\u0442\u044c\u00a0\u043e\u0431\u043d\u043e\u0432\u043b\u0435\u043d\u0438\u0435 \u0434\u043e \u0432\u0435\u0440\u0441\u0438\u0438 6.12.0.\n\n\u0423\u0447\u0438\u0442\u044b\u0432\u0430\u044f \u0432\u0441\u0435\u043c\u0438 \u0438\u0437\u0432\u0435\u0441\u0442\u043d\u044b\u0439 \u043f\u0435\u0447\u0430\u043b\u044c\u043d\u044b\u0439 \u043e\u043f\u044b\u0442 \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0430\u0446\u0438\u0438 \u043d\u0435\u0434\u043e\u0441\u0442\u0430\u0442\u043a\u043e\u0432 Cisco, Fortinet \u0438 VMware, \u0438\u0441\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u0438\u0435 \u044f\u0432\u043b\u044f\u0435\u0442\u0441\u044f \u043d\u0435\u043e\u0431\u0445\u043e\u0434\u0438\u043c\u044b\u043c \u0438 \u0433\u043b\u0430\u0432\u043d\u044b\u043c \u0448\u0430\u0433\u043e\u043c \u0434\u043b\u044f \u043a\u0443\u043f\u0438\u0440\u043e\u0432\u0430\u043d\u0438\u044f \u043f\u043e\u0442\u0435\u043d\u0446\u0438\u0430\u043b\u044c\u043d\u044b\u0445 \u0440\u0438\u0441\u043a\u043e\u0432.", "creation_timestamp": "2024-02-08T11:40:05.000000Z"}, {"uuid": "59897133-0066-4165-b564-ce24f174da3c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-22245", "type": "seen", "source": "https://t.me/ctinow/188847", "content": "https://ift.tt/h2o7c63\nCVE-2024-22245", "creation_timestamp": "2024-02-20T19:27:17.000000Z"}, {"uuid": "2156dfa2-13ce-46f5-afbd-a275c27e40df", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-22245", "type": "seen", "source": "https://t.me/ctinow/188863", "content": "https://ift.tt/h2o7c63\nCVE-2024-22245", "creation_timestamp": "2024-02-20T19:32:04.000000Z"}, {"uuid": "e384af12-090c-4a2b-896a-5623aeb96db3", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-22241", "type": "seen", "source": "https://t.me/ctinow/180337", "content": "https://ift.tt/9bfCE34\nCVE-2024-22241", "creation_timestamp": "2024-02-06T21:26:43.000000Z"}, {"uuid": "10548c46-3820-47d1-b357-07ea1697fc82", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-22240", "type": "seen", "source": "https://t.me/ctinow/180336", "content": "https://ift.tt/0FoweD3\nCVE-2024-22240", "creation_timestamp": "2024-02-06T21:26:42.000000Z"}, {"uuid": "3d93cf38-9f0b-443d-81ee-7cda2bcae650", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-22241", "type": "seen", "source": "https://t.me/true_secator/5391", "content": "\u0412\u0441\u043b\u0435\u0434 \u0437\u0430 Cisco \u0438 Fortinet, \u0437\u0430\u0432\u0435\u0440\u0448\u0430\u0435\u0442 \u00ab\u0442\u0440\u043e\u0439\u043a\u0443\u00bb \u043d\u0430 \u044d\u0442\u043e\u0439 \u043d\u0435\u0434\u0435\u043b\u0435 VMware, \u043a\u043e\u0442\u043e\u0440\u0430\u044f \u043f\u0440\u0435\u0434\u0443\u043f\u0440\u0435\u0434\u0438\u043b\u0430 \u043e\u00a0\u043f\u044f\u0442\u0438 \u043d\u0435\u0434\u043e\u0441\u0442\u0430\u0442\u043a\u0430\u0445\u00a0\u0432 Aria Operations for Networks (\u0440\u0430\u043d\u0435\u0435 vRealize Network Insight). \u0421\u0440\u0435\u0434\u0438 \u043d\u0438\u0445:\n\n- CVE-2024-22237 (CVSS: 7,8): \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u043b\u043e\u043a\u0430\u043b\u044c\u043d\u043e\u0433\u043e \u043f\u043e\u0432\u044b\u0448\u0435\u043d\u0438\u044f \u043f\u0440\u0438\u0432\u0438\u043b\u0435\u0433\u0438\u0439, \u043a\u043e\u0442\u043e\u0440\u0430\u044f \u043f\u043e\u0437\u0432\u043e\u043b\u044f\u0435\u0442 \u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u0442\u0435\u043b\u044e \u043a\u043e\u043d\u0441\u043e\u043b\u0438 \u043f\u043e\u043b\u0443\u0447\u0430\u0442\u044c \u0440\u0435\u0433\u0443\u043b\u044f\u0440\u043d\u044b\u0439 root-\u0434\u043e\u0441\u0442\u0443\u043f.\n\n- CVE-2024-22238 (CVSS: 6,4): \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u043c\u0435\u0436\u0441\u0430\u0439\u0442\u043e\u0432\u043e\u0433\u043e \u0441\u043a\u0440\u0438\u043f\u0442\u0438\u043d\u0433\u0430 (XSS), \u043f\u043e\u0437\u0432\u043e\u043b\u044f\u044e\u0449\u0430\u044f \u0437\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a\u0443 \u0441 \u043f\u0440\u0430\u0432\u0430\u043c\u0438 \u0430\u0434\u043c\u0438\u043d\u0438\u0441\u0442\u0440\u0430\u0442\u043e\u0440\u0430 \u0432\u043d\u0435\u0434\u0440\u0438\u0442\u044c \u0432\u0440\u0435\u0434\u043e\u043d\u043e\u0441\u043d\u044b\u0439 \u043a\u043e\u0434 \u0432 \u043a\u043e\u043d\u0444\u0438\u0433\u0443\u0440\u0430\u0446\u0438\u0438 \u043f\u0440\u043e\u0444\u0438\u043b\u0435\u0439 \u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u0442\u0435\u043b\u0435\u0439.\n\n- CVE-2024-22239 (CVSS: 5,3): \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u043b\u043e\u043a\u0430\u043b\u044c\u043d\u043e\u0433\u043e \u043f\u043e\u0432\u044b\u0448\u0435\u043d\u0438\u044f \u043f\u0440\u0438\u0432\u0438\u043b\u0435\u0433\u0438\u0439, \u043a\u043e\u0442\u043e\u0440\u0430\u044f \u043f\u043e\u0437\u0432\u043e\u043b\u044f\u0435\u0442 \u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u0442\u0435\u043b\u044e \u043a\u043e\u043d\u0441\u043e\u043b\u0438 \u043f\u043e\u043b\u0443\u0447\u0430\u0442\u044c \u043e\u0431\u044b\u0447\u043d\u044b\u0439 \u0434\u043e\u0441\u0442\u0443\u043f \u043a \u043e\u0431\u043e\u043b\u043e\u0447\u043a\u0435.\n\n- CVE-2024-22240 (CVSS: 4,9): \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u0447\u0442\u0435\u043d\u0438\u044f \u043b\u043e\u043a\u0430\u043b\u044c\u043d\u043e\u0433\u043e \u0444\u0430\u0439\u043b\u0430, \u043a\u043e\u0442\u043e\u0440\u0430\u044f \u043f\u043e\u0437\u0432\u043e\u043b\u044f\u0435\u0442 \u0437\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a\u0443 \u0441 \u043f\u0440\u0430\u0432\u0430\u043c\u0438 \u0430\u0434\u043c\u0438\u043d\u0438\u0441\u0442\u0440\u0430\u0442\u043e\u0440\u0430 \u043f\u043e\u043b\u0443\u0447\u0438\u0442\u044c \u0434\u043e\u0441\u0442\u0443\u043f \u043a \u043a\u043e\u043d\u0444\u0438\u0434\u0435\u043d\u0446\u0438\u0430\u043b\u044c\u043d\u043e\u0439 \u0438\u043d\u0444\u043e\u0440\u043c\u0430\u0446\u0438\u0438.\n\n- CVE-2024-22241 (CVSS: 4,3): \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u043c\u0435\u0436\u0441\u0430\u0439\u0442\u043e\u0432\u043e\u0433\u043e \u0441\u043a\u0440\u0438\u043f\u0442\u0438\u043d\u0433\u0430 (XSS), \u043a\u043e\u0442\u043e\u0440\u0430\u044f \u043f\u043e\u0437\u0432\u043e\u043b\u044f\u0435\u0442 \u0437\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a\u0443 \u0441 \u043f\u0440\u0430\u0432\u0430\u043c\u0438 \u0430\u0434\u043c\u0438\u043d\u0438\u0441\u0442\u0440\u0430\u0442\u043e\u0440\u0430 \u0432\u043d\u0435\u0434\u0440\u0438\u0442\u044c \u0432\u0440\u0435\u0434\u043e\u043d\u043e\u0441\u043d\u044b\u0439 \u043a\u043e\u0434 \u0438 \u0437\u0430\u0432\u043b\u0430\u0434\u0435\u0442\u044c \u0443\u0447\u0435\u0442\u043d\u043e\u0439 \u0437\u0430\u043f\u0438\u0441\u044c\u044e \u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u0442\u0435\u043b\u044f.\n\n\u041f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u0442\u0435\u043b\u044f\u043c VMware Aria Operations for Networks \u0432\u0435\u0440\u0441\u0438\u0438 6.x \u0440\u0435\u043a\u043e\u043c\u0435\u043d\u0434\u0443\u0435\u0442\u0441\u044f\u00a0\u0432\u044b\u043f\u043e\u043b\u043d\u0438\u0442\u044c\u00a0\u043e\u0431\u043d\u043e\u0432\u043b\u0435\u043d\u0438\u0435 \u0434\u043e \u0432\u0435\u0440\u0441\u0438\u0438 6.12.0.\n\n\u0423\u0447\u0438\u0442\u044b\u0432\u0430\u044f \u0432\u0441\u0435\u043c\u0438 \u0438\u0437\u0432\u0435\u0441\u0442\u043d\u044b\u0439 \u043f\u0435\u0447\u0430\u043b\u044c\u043d\u044b\u0439 \u043e\u043f\u044b\u0442 \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0430\u0446\u0438\u0438 \u043d\u0435\u0434\u043e\u0441\u0442\u0430\u0442\u043a\u043e\u0432 Cisco, Fortinet \u0438 VMware, \u0438\u0441\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u0438\u0435 \u044f\u0432\u043b\u044f\u0435\u0442\u0441\u044f \u043d\u0435\u043e\u0431\u0445\u043e\u0434\u0438\u043c\u044b\u043c \u0438 \u0433\u043b\u0430\u0432\u043d\u044b\u043c \u0448\u0430\u0433\u043e\u043c \u0434\u043b\u044f \u043a\u0443\u043f\u0438\u0440\u043e\u0432\u0430\u043d\u0438\u044f \u043f\u043e\u0442\u0435\u043d\u0446\u0438\u0430\u043b\u044c\u043d\u044b\u0445 \u0440\u0438\u0441\u043a\u043e\u0432.", "creation_timestamp": "2024-02-08T11:40:05.000000Z"}, {"uuid": "482f92d3-1e65-4ad8-9f6d-57c8b45f2aff", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-22245", "type": "seen", "source": "https://t.me/true_secator/5442", "content": "VMware \u043f\u0440\u0435\u0434\u0443\u043f\u0440\u0435\u0436\u0434\u0430\u0435\u0442 \u0430\u0434\u043c\u0438\u043d\u0438\u0441\u0442\u0440\u0430\u0442\u043e\u0440\u043e\u0432 \u043e \u043d\u0435\u043e\u0431\u0445\u043e\u0434\u0438\u043c\u043e\u0441\u0442\u0438 \u0443\u0434\u0430\u043b\u0435\u043d\u0438\u044f \u0443\u0441\u0442\u0430\u0440\u0435\u0432\u0448\u0435\u0433\u043e \u043f\u043b\u0430\u0433\u0438\u043d\u0430 VMware Enhanced Authentication Plug-in (EAP), \u043a\u043e\u0442\u043e\u0440\u044b\u0439 \u043f\u043e\u0434\u0432\u0435\u0440\u0436\u0435\u043d \u0434\u0432\u0443\u043c \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044f\u043c, \u043a\u043e\u0442\u043e\u0440\u044b\u0435 \u043e\u0441\u0442\u0430\u043b\u0438\u0441\u044c \u0431\u0435\u0437 \u0438\u0441\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u0438\u044f.\n\n\u0423\u044f\u0437\u0432\u0438\u043c\u044b\u0439 \u043f\u043b\u0430\u0433\u0438\u043d \u043e\u0431\u0435\u0441\u043f\u0435\u0447\u0438\u0432\u0430\u0435\u0442 \u0431\u0435\u0441\u043f\u0440\u0435\u043f\u044f\u0442\u0441\u0442\u0432\u0435\u043d\u043d\u044b\u0439 \u0432\u0445\u043e\u0434 \u0432 \u0438\u043d\u0442\u0435\u0440\u0444\u0435\u0439\u0441\u044b \u0443\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u0438\u044f vSphere \u0441 \u043f\u043e\u043c\u043e\u0449\u044c\u044e \u0432\u0441\u0442\u0440\u043e\u0435\u043d\u043d\u043e\u0439 \u043f\u0440\u043e\u0432\u0435\u0440\u043a\u0438 \u043f\u043e\u0434\u043b\u0438\u043d\u043d\u043e\u0441\u0442\u0438 Windows \u0438 \u0444\u0443\u043d\u043a\u0446\u0438\u0439 \u0441\u043c\u0430\u0440\u0442-\u043a\u0430\u0440\u0442 \u0432 \u043a\u043b\u0438\u0435\u043d\u0442\u0441\u043a\u0438\u0445 \u0441\u0438\u0441\u0442\u0435\u043c\u0430\u0445 Windows.\n\n\u0412\u0441\u0435 \u0434\u0435\u043b\u043e \u0432 \u0442\u043e\u043c, \u0447\u0442\u043e VMware \u043e\u0431\u044a\u044f\u0432\u0438\u043b\u0430 \u043e \u043f\u0440\u0435\u043a\u0440\u0430\u0449\u0435\u043d\u0438\u0438 \u043f\u043e\u0434\u0434\u0435\u0440\u0436\u043a\u0438 EAP \u0435\u0449\u0435 \u0432 \u043c\u0430\u0440\u0442\u0435 2021 \u0433\u043e\u0434\u0430, \u0432\u044b\u043f\u0443\u0441\u0442\u0438\u0432 vCenter Server 7.0 Update 2.\n\n\u0414\u0432\u0435 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 \u043e\u0442\u0441\u043b\u0435\u0436\u0438\u0432\u0430\u044e\u0442\u0441\u044f \u043a\u0430\u043a CVE-2024-22245 (\u0431\u0430\u0437\u043e\u0432\u044b\u0439 \u0440\u0435\u0439\u0442\u0438\u043d\u0433 CVSSv3 9,6 \u0438\u0437 10) \u0438 CVE-2024-22250 (7,8 \u0438\u0437 10) \u0438 \u043c\u043e\u0433\u0443\u0442 \u0431\u044b\u0442\u044c \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u043d\u044b \u0437\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a\u0430\u043c\u0438 \u0434\u043b\u044f \u0440\u0435\u0442\u0440\u0430\u043d\u0441\u043b\u044f\u0446\u0438\u0438 \u0431\u0438\u043b\u0435\u0442\u043e\u0432 \u0441\u043b\u0443\u0436\u0431\u044b Kerberos \u0438 \u0437\u0430\u0445\u0432\u0430\u0442\u0430 \u043f\u0440\u0438\u0432\u0438\u043b\u0435\u0433\u0438\u0440\u043e\u0432\u0430\u043d\u043d\u044b\u0445 \u0441\u0435\u0430\u043d\u0441\u043e\u0432 EAP.\n\n\u0412\u0435\u043a\u0442\u043e\u0440 \u0430\u0442\u0430\u043a\u0438 \u0434\u043b\u044f CVE-2024-22245 \u043c\u043e\u0436\u0435\u0442 \u0431\u044b\u0442\u044c \u0440\u0435\u0430\u043b\u0438\u0437\u043e\u0432\u0430\u043d, \u043a\u043e\u0433\u0434\u0430 \u0437\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a \u043e\u0431\u043c\u0430\u043d\u043e\u043c \u0437\u0430\u0441\u0442\u0430\u0432\u0438\u0442 \u0446\u0435\u043b\u0435\u0432\u043e\u0433\u043e \u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u0442\u0435\u043b\u044f \u0434\u043e\u043c\u0435\u043d\u0430 \u0441 \u0443\u0441\u0442\u0430\u043d\u043e\u0432\u043b\u0435\u043d\u043d\u044b\u043c \u0432 \u0432\u0435\u0431-\u0431\u0440\u0430\u0443\u0437\u0435\u0440\u0435 EAP \u0437\u0430\u043f\u0440\u043e\u0441\u0438\u0442\u044c \u0438 \u043f\u0435\u0440\u0435\u0434\u0430\u0442\u044c \u0431\u0438\u043b\u0435\u0442\u044b \u0441\u043b\u0443\u0436\u0431\u044b \u0434\u043b\u044f \u043f\u0440\u043e\u0438\u0437\u0432\u043e\u043b\u044c\u043d\u044b\u0445 \u0438\u043c\u0435\u043d \u0443\u0447\u0430\u0441\u0442\u043d\u0438\u043a\u043e\u0432 \u0441\u043b\u0443\u0436\u0431\u044b Active Directory (SPN).\n\n\u0427\u0442\u043e \u043a\u0430\u0441\u0430\u0435\u0442\u0441\u044f CVE-2024-22250, \u0442\u043e \u0437\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a \u0441 \u043d\u0435\u043f\u0440\u0438\u0432\u0438\u043b\u0435\u0433\u0438\u0440\u043e\u0432\u0430\u043d\u043d\u044b\u043c \u043b\u043e\u043a\u0430\u043b\u044c\u043d\u044b\u043c \u0434\u043e\u0441\u0442\u0443\u043f\u043e\u043c \u043a \u043e\u043f\u0435\u0440\u0430\u0446\u0438\u043e\u043d\u043d\u043e\u0439 \u0441\u0438\u0441\u0442\u0435\u043c\u0435 Windows \u043c\u043e\u0436\u0435\u0442 \u043f\u0435\u0440\u0435\u0445\u0432\u0430\u0442\u0438\u0442\u044c \u043f\u0440\u0438\u0432\u0438\u043b\u0435\u0433\u0438\u0440\u043e\u0432\u0430\u043d\u043d\u044b\u0439 \u0441\u0435\u0430\u043d\u0441 EAP, \u0435\u0441\u043b\u0438 \u043e\u043d \u0438\u043d\u0438\u0446\u0438\u0438\u0440\u043e\u0432\u0430\u043d \u043f\u0440\u0438\u0432\u0438\u043b\u0435\u0433\u0438\u0440\u043e\u0432\u0430\u043d\u043d\u044b\u043c \u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u0442\u0435\u043b\u0435\u043c \u0434\u043e\u043c\u0435\u043d\u0430 \u0432 \u0442\u043e\u0439 \u0436\u0435 \u0441\u0438\u0441\u0442\u0435\u043c\u0435.\n\n\u041f\u043e\u0441\u0442\u0430\u0432\u0449\u0438\u043a \u0437\u0430\u0432\u0435\u0440\u044f\u0435\u0442, \u0447\u0442\u043e \u0432 \u043d\u0430\u0441\u0442\u043e\u044f\u0449\u0435\u0435 \u0432\u0440\u0435\u043c\u044f \u043d\u0435\u0442 \u0434\u043e\u043a\u0430\u0437\u0430\u0442\u0435\u043b\u044c\u0441\u0442\u0432 \u0442\u043e\u0433\u043e, \u0447\u0442\u043e \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 \u0431\u0435\u0437\u043e\u043f\u0430\u0441\u043d\u043e\u0441\u0442\u0438 \u0431\u044b\u043b\u0438 \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u043d\u044b \u0432 \u0440\u0435\u0430\u043b\u044c\u043d\u044b\u0445 \u0443\u0441\u043b\u043e\u0432\u0438\u044f\u0445.\n\n\u041d\u043e \u0442\u0435\u043c \u043d\u0435 \u043c\u0435\u043d\u0435\u0435, \u0434\u043b\u044f \u0443\u0441\u0442\u0440\u0430\u043d\u0435\u043d\u0438\u044f CVE-2024-22245 \u0438 CVE-2024-22250 \u0430\u0434\u043c\u0438\u043d\u0438\u0441\u0442\u0440\u0430\u0442\u043e\u0440\u0430\u043c \u043d\u0435\u043e\u0431\u0445\u043e\u0434\u0438\u043c\u043e \u0443\u0434\u0430\u043b\u0438\u0442\u044c \u043f\u043b\u0430\u0433\u0438\u043d \u0432 \u0431\u0440\u0430\u0443\u0437\u0435\u0440\u0435 (\u043f\u043e\u0434\u043a\u043b\u044e\u0447\u0430\u0435\u043c\u044b\u0439 \u043c\u043e\u0434\u0443\u043b\u044c VMware Enhanced Authentication Plug-in 6.7.0), \u0430 \u0442\u0430\u043a\u0436\u0435 \u0438 \u043e\u0442\u043a\u043b\u044e\u0447\u0438\u0442\u044c \u0441\u043b\u0443\u0436\u0431\u0443 Windows (\u0441\u043b\u0443\u0436\u0431\u0430 \u043f\u043e\u0434\u043a\u043b\u044e\u0447\u0430\u0435\u043c\u044b\u0445 \u043c\u043e\u0434\u0443\u043b\u0435\u0439 VMware).\n\n\u0412 \u043a\u0430\u0447\u0435\u0441\u0442\u0432\u0435 \u0430\u043b\u044c\u0442\u0435\u0440\u043d\u0430\u0442\u0438\u0432\u044b \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u043c\u0443 \u043c\u043e\u0434\u0443\u043b\u044e VMware \u0440\u0435\u043a\u043e\u043c\u0435\u043d\u0434\u0443\u0435\u0442 \u0430\u0434\u043c\u0438\u043d\u0438\u0441\u0442\u0440\u0430\u0442\u043e\u0440\u0430\u043c \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u0442\u044c \u0434\u0440\u0443\u0433\u0438\u0435 \u043c\u0435\u0442\u043e\u0434\u044b \u0430\u0443\u0442\u0435\u043d\u0442\u0438\u0444\u0438\u043a\u0430\u0446\u0438\u0438 VMware vSphere 8, \u0432 \u0442\u043e\u043c \u0447\u0438\u0441\u043b\u0435: Active Directory \u0447\u0435\u0440\u0435\u0437 LDAPS, \u0441\u043b\u0443\u0436\u0431\u044b \u0444\u0435\u0434\u0435\u0440\u0430\u0446\u0438\u0438 Microsoft Active Directory (ADFS), Microsoft Entra ID (\u0440\u0430\u043d\u0435\u0435 Azure AD) \u0438 Okta.\n\n\u041d\u043e \u043d\u0430\u0441\u0447\u0435\u0442 \u043f\u043e\u0441\u043b\u0435\u0434\u043d\u0435\u0439, \u043d\u0435 \u0443\u0432\u0435\u0440\u0435\u043d\u044b.", "creation_timestamp": "2024-02-21T14:30:06.000000Z"}, {"uuid": "2e7f28b3-94fa-4c43-b62e-1a60eae21e63", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-22243", "type": "seen", "source": "https://t.me/ctinow/191466", "content": "https://ift.tt/mXNuPKB\nCVE-2024-22243", "creation_timestamp": "2024-02-23T06:31:43.000000Z"}, {"uuid": "bab54ee7-1d9b-47ae-8a80-a5af44f85c49", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-22243", "type": "seen", "source": "https://t.me/ctinow/191465", "content": "https://ift.tt/mXNuPKB\nCVE-2024-22243", "creation_timestamp": "2024-02-23T06:26:18.000000Z"}, {"uuid": "1b2ad521-83a7-481a-9b75-c301d05b2e4b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-22245", "type": "seen", "source": "https://t.me/ctinow/189687", "content": "https://ift.tt/Pix6FsZ\nVMware pushes admins to uninstall vulnerable, deprecated vSphere plugin (CVE-2024-22245, CVE-2024-22250)", "creation_timestamp": "2024-02-21T15:42:17.000000Z"}, {"uuid": "832aca1e-b368-4e4d-bc5d-21b32bbc42cb", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-22243", "type": "seen", "source": "https://t.me/ctinow/192241", "content": "https://ift.tt/SvoJYBt\nCVE-2024-22243", "creation_timestamp": "2024-02-23T22:41:19.000000Z"}, {"uuid": "769dfce2-3c67-463a-bbf6-1730baef7506", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-22243", "type": "published-proof-of-concept", "source": "https://t.me/CyberSecurityTechnologies/10921", "content": "#exploit\n1. Heap exploitation, glibc internals and nifty tricks\nhttps://blog.quarkslab.com/heap-exploitation-glibc-internals-and-nifty-tricks.html\n\n2. CVE-2024-22243:\nURL-parsing vulnerability in Java Spring Framework\nhttps://github.com/SeanPesce/CVE-2024-22243", "creation_timestamp": "2024-08-02T12:35:59.000000Z"}, {"uuid": "274a075a-c59f-4935-970b-de2068c01096", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-22243", "type": "published-proof-of-concept", "source": "https://t.me/CNArsenal/2937", "content": "https://github.com/SeanPesce/CVE-2024-22243\n\nExample exploitable scenarios for CVE-2024-22243 affecting the Spring framework (open redirect & SSRF).\n#github", "creation_timestamp": "2024-08-06T12:49:42.000000Z"}, {"uuid": "2c2ab33e-d888-462e-ad38-2ddbf8e7a4e9", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-22240", "type": "seen", "source": "https://t.me/ctinow/197611", "content": "https://ift.tt/IE3RPQk\nCVE-2024-22240 | VMware Aria Operations for Networks prior 6.12 information disclosure (VMSA-2024-0002)", "creation_timestamp": "2024-03-01T13:41:33.000000Z"}, {"uuid": "be46b881-db61-46fa-813a-74871003e035", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-22241", "type": "seen", "source": "https://t.me/ctinow/197612", "content": "https://ift.tt/y1RhBSE\nCVE-2024-22241 | VMware Aria Operations for Networks prior 6.12 cross site scripting (VMSA-2024-0002)", "creation_timestamp": "2024-03-01T13:41:34.000000Z"}, {"uuid": "6daa48c4-37d6-47df-ab7c-1dee240624f1", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-22243", "type": "published-proof-of-concept", "source": "https://t.me/Rootsec_2/3531", "content": "#exploit\n1. Heap exploitation, glibc internals and nifty tricks\nhttps://blog.quarkslab.com/heap-exploitation-glibc-internals-and-nifty-tricks.html\n\n2. CVE-2024-22243:\nURL-parsing vulnerability in Java Spring Framework\nhttps://github.com/SeanPesce/CVE-2024-22243", "creation_timestamp": "2024-08-16T11:18:09.000000Z"}, {"uuid": "1d439ad6-c8fb-4e7f-b913-847973d25edf", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-22245", "type": "seen", "source": "https://t.me/referencebooks0/206", "content": "\ud83d\udea8 Attention VMware users! \n\nNew flaws identified (CVE-2024-22245 & CVE-2024-22250) in the EAP plugin. Attackers could exploit them to hijack Active Directory accounts and privileged EAP sessions. \n\nUNINSTALL it immediately. \n\n\u0634\u0631\u06a9\u062a VMware \u0647\u0634\u062f\u0627\u0631\u06cc \u0635\u0627\u062f\u0631 \u06a9\u0631\u062f\u0647 \u0627\u0633\u062a \u06a9\u0647 \u0628\u0647 \u06a9\u0627\u0631\u0628\u0631\u0627\u0646 \u062a\u0648\u0635\u06cc\u0647 \u0645\u06cc \u06a9\u0646\u062f \u067e\u0644\u0627\u06af\u06cc\u0646 \u062a\u0623\u06cc\u06cc\u062f \u0627\u0639\u062a\u0628\u0627\u0631 \u067e\u06cc\u0634\u0631\u0641\u062a\u0647 (EAP) \u0645\u0646\u0633\u0648\u062e \u0634\u062f\u0647 \u0631\u0627 \u0628\u0647 \u062f\u0644\u06cc\u0644 \u0646\u0642\u0635 \u0627\u0645\u0646\u06cc\u062a\u06cc \u0645\u0647\u0645 CVE-2024-22245 \u0628\u0627 \u0627\u0645\u062a\u06cc\u0627\u0632 CVSS 9.6 \u062d\u0630\u0641\u00a0 \u06a9\u0646\u0646\u062f. \u0627\u06cc\u0646 \u0622\u0633\u06cc\u0628\u200c\u067e\u0630\u06cc\u0631\u06cc \u0645\u0647\u0627\u062c\u0645\u0627\u0646 \u0631\u0627 \u0642\u0627\u062f\u0631 \u0645\u06cc\u200c\u0633\u0627\u0632\u062f \u062a\u0627 \u06a9\u0627\u0631\u0628\u0631\u0627\u0646 \u0631\u0627 \u0628\u0627 EAP \u0646\u0635\u0628 \u0634\u062f\u0647 \u062f\u0631 \u0645\u0631\u0648\u0631\u06af\u0631\u0647\u0627\u06cc\u0634\u0627\u0646 \u0641\u0631\u06cc\u0628 \u062f\u0647\u0646\u062f \u062a\u0627 \u0628\u0644\u06cc\u0637\u200c\u0647\u0627\u06cc \u0633\u0631\u0648\u06cc\u0633 \u0631\u0627 \u0628\u0631\u0627\u06cc \u0646\u0627\u0645\u200c\u0647\u0627\u06cc \u0627\u0635\u0644\u06cc \u0633\u0631\u0648\u06cc\u0633 \u062f\u0627\u06cc\u0631\u06a9\u062a\u0648\u0631\u06cc \u0641\u0639\u0627\u0644 (SPN) \u062f\u0644\u062e\u0648\u0627\u0647 \u062f\u0631\u062e\u0648\u0627\u0633\u062a \u06a9\u0646\u0646\u062f \u0648 \u0627\u0631\u0633\u0627\u0644 \u06a9\u0646\u0646\u062f. \u0639\u0644\u0627\u0648\u0647 \u0628\u0631 \u0627\u06cc\u0646\u060c \u06cc\u06a9 \u0622\u0633\u06cc\u0628\u200c\u067e\u0630\u06cc\u0631\u06cc \u062f\u06cc\u06af\u0631\u060c CVE-2024-22250\u060c \u0628\u0627 \u0627\u0645\u062a\u06cc\u0627\u0632 CVSS 7.8\u060c \u0628\u0647 \u06cc\u06a9 \u0639\u0627\u0645\u0644 \u0645\u062e\u0631\u0628 \u0628\u0627 \u062f\u0633\u062a\u0631\u0633\u06cc \u0645\u062d\u0644\u06cc \u063a\u06cc\u0631\u0645\u062c\u0627\u0632 \u0628\u0647 \u06cc\u06a9 \u0633\u06cc\u0633\u062a\u0645\u200c\u0639\u0627\u0645\u0644 \u0648\u06cc\u0646\u062f\u0648\u0632 \u0627\u062c\u0627\u0632\u0647 \u0645\u06cc\u200c\u062f\u0647\u062f \u062a\u0627 \u06cc\u06a9 \u0633\u0634\u0646\u00a0 EAP \u0645\u0645\u062a\u0627\u0632 \u0631\u0627 \u0631\u0628\u0648\u062f\u0647 \u0628\u0627\u0634\u062f. \u06a9\u0627\u0631\u0628\u0631\u0627\u0646\u06cc \u06a9\u0647 \u062a\u062d\u062a \u062a\u0623\u062b\u06cc\u0631 \u0627\u06cc\u0646 \u0648\u0636\u0639\u06cc\u062a \u0642\u0631\u0627\u0631 \u0645\u06cc \u06af\u06cc\u0631\u0646\u062f \u0634\u0627\u0645\u0644 \u06a9\u0633\u0627\u0646\u06cc \u0647\u0633\u062a\u0646\u062f \u06a9\u0647 EAP \u0631\u0627 \u0628\u0647 \u0633\u06cc\u0633\u062a\u0645 \u0647\u0627\u06cc Microsoft Windows \u0627\u0636\u0627\u0641\u0647 \u06a9\u0631\u062f\u0647 \u0627\u0646\u062f \u062a\u0627 \u0627\u0632 \u0637\u0631\u06cc\u0642 vSphere Client \u0628\u0647 VMware vSphere \u0645\u062a\u0635\u0644 \u0634\u0648\u0646\u062f. \u0628\u0631\u0627\u06cc \u0645\u0642\u0627\u0628\u0644\u0647 \u0628\u0627 \u062e\u0637\u0631\u0627\u062a \u0646\u0627\u0634\u06cc \u0627\u0632 \u0627\u06cc\u0646 \u0622\u0633\u06cc\u0628\u200c\u067e\u0630\u06cc\u0631\u06cc\u200c\u0647\u0627\u060c VMware \u0628\u0631\u0646\u0627\u0645\u0647\u200c\u0627\u06cc \u0628\u0631\u0627\u06cc \u0631\u0641\u0639 \u0622\u0646\u200c\u0647\u0627 \u0646\u062f\u0627\u0631\u062f\u060c \u0628\u0644\u06a9\u0647 \u06a9\u0627\u0631\u0628\u0631\u0627\u0646 \u0631\u0627 \u062a\u0634\u0648\u06cc\u0642 \u0645\u06cc\u200c\u06a9\u0646\u062f \u062a\u0627 \u067e\u0644\u0627\u06af\u06cc\u0646 \u0631\u0627 \u0628\u0647 \u0637\u0648\u0631 \u06a9\u0627\u0645\u0644 \u062d\u0630\u0641 \u06a9\u0646\u0646\u062f.\n\u00a0 \nLearn more: https://thehackernews.com/2024/02/vmware-alert-uninstall-eap-now-critical.html", "creation_timestamp": "2024-02-25T17:11:24.000000Z"}]}