{"vulnerability": "cve-2018-1721", "sightings": [{"uuid": "4716a65b-c1c5-4f2b-985c-40b7dd019945", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2018-1721", "type": "seen", "source": "https://t.me/ctinow/182703", "content": "https://ift.tt/7OrqWJ8\nCVE-2018-1721 | IBM Cognos Analytics 11.0/11.1 Web Server HTTP Requests xml injection (XFDB-147369)", "creation_timestamp": "2024-02-11T07:56:41.000000Z"}, {"uuid": "0e864339-b4e8-4362-bb49-e1373ac29e8b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2018-17213", "type": "seen", "source": "https://t.me/cibsecurity/5783", "content": "ATENTION\u203c New - CVE-2018-17213\n\nAn issue was discovered in PrinterOn Central Print Services (CPS) through 4.1.4. A user without valid credentials can bypass the authentication process, obtaining a valid session cookie with guest/pseudo-guest level privileges. This cookie can then be further used to perform other attacks.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2019-07-29T22:34:26.000000Z"}, {"uuid": "4dc0b9b4-4382-4820-b76d-108a8e00462a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2018-17211", "type": "seen", "source": "https://t.me/cibsecurity/5784", "content": "ATENTION\u203c New - CVE-2018-17211\n\nAn issue was discovered in PrinterOn Central Print Services (CPS) through 4.1.4. An unauthenticated attacker can view details about the printers associated with CPS via a crafted HTTP GET request.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2019-07-29T22:34:27.000000Z"}, {"uuid": "36223528-64aa-491b-ac72-7e760c41b13d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2018-17210", "type": "seen", "source": "https://t.me/cibsecurity/5742", "content": "ATENTION\u203c New - CVE-2018-17210 (central_print_services)\n\nAn issue was discovered in PrinterOn Central Print Services (CPS) through 4.1.4. The core components that create and launch a print job do not perform complete verification of the session cookie that is supplied to them. As a result, an attacker with guest/pseudo-guest level permissions can bypass the session checks (that would otherwise logout a low-privileged user) by calling the core print job components directly via crafted HTTP GET and POST requests.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2019-07-26T18:31:08.000000Z"}]}