{"vulnerability": "cve-2022-4391", "sightings": [{"uuid": "f8eb4eff-8aa2-4a1b-8fbe-f1fc2cd793c3", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-43916", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3lgxs5lb44c2e", "content": "", "creation_timestamp": "2025-01-30T15:24:56.128899Z"}, {"uuid": "96bd6239-a82c-4a53-ac38-604c10ed779d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-43916", "type": "seen", "source": "https://infosec.exchange/users/cve/statuses/113917234754823128", "content": "", "creation_timestamp": "2025-01-30T12:10:56.398768Z"}, {"uuid": "597b055a-9e91-4918-94e3-9f20a3550906", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-43916", "type": "seen", "source": "https://bsky.app/profile/cve-notifications.bsky.social/post/3lgxhlqc2co2h", "content": "", "creation_timestamp": "2025-01-30T12:15:57.456699Z"}, {"uuid": "561efd5e-8130-4efd-99f9-96a7a3b1631f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-43916", "type": "seen", "source": "MISP/ca7dfd4e-d0b5-4d10-8982-36d9f6e53c8e", "content": "", "creation_timestamp": "2025-09-01T13:53:38.000000Z"}, {"uuid": "2c24b0df-2ddb-445b-9aba-5321a298d7fc", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-43916", "type": "seen", "source": "https://t.me/DarkWebInformer_CVEAlerts/3480", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2022-43916\n\ud83d\udd25 CVSS Score: 6.8 (CVSS_V3)\n\ud83d\udd39 Description: IBM App Connect Enterprise Certified Container 7.1, 7.2, 8.0, 8.1, 8.2, 9.0, 9.1, 9.2, 10.0, 10.1, 11.0, 11.1, 11.2, 11.3, 11.4, 11.5, 11.6, 12.0, 12.1, 12.2, 12.3, 12.4, 12.5, 12.6, and 12.7 Pods do not restrict network egress for Pods that are used for internal infrastructure.\n\ud83d\udccf Published: 2025-01-30T12:31:19Z\n\ud83d\udccf Modified: 2025-01-30T12:31:19Z\n\ud83d\udd17 References:\n1. https://nvd.nist.gov/vuln/detail/CVE-2022-43916\n2. https://www.ibm.com/support/pages/node/7181916", "creation_timestamp": "2025-01-30T13:11:26.000000Z"}, {"uuid": "5c36df7e-c845-4358-ac38-279e69d47811", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-43916", "type": "seen", "source": "https://t.me/cvedetector/16762", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2022-43916 - IBM App Connect Enterprise Container Network Egress Vulnerability\", \n  \"Content\": \"CVE ID : CVE-2022-43916 \nPublished : Jan. 30, 2025, 12:15 p.m. | 39\u00a0minutes ago \nDescription : IBM App Connect Enterprise Certified Container 7.1, 7.2, 8.0, 8.1, 8.2, 9.0, 9.1, 9.2, 10.0, 10.1, 11.0, 11.1, 11.2, 11.3, 11.4, 11.5, 11.6, 12.0, 12.1, 12.2, 12.3, 12.4, 12.5, 12.6, and 12.7 Pods do not restrict network egress for Pods that are used for internal infrastructure. \nSeverity: 6.8 | MEDIUM \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"30 Jan 2025\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2025-01-30T14:16:00.000000Z"}, {"uuid": "94934d46-eb73-4256-9706-371e4de39182", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-43915", "type": "seen", "source": "https://t.me/cvedetector/4057", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2022-43915 - IBM App Connect Enterprise Privilege Escalation\", \n  \"Content\": \"CVE ID : CVE-2022-43915 \nPublished : Aug. 24, 2024, 12:15 p.m. | 34\u00a0minutes ago \nDescription : IBM App Connect Enterprise Certified Container 5.0, 7.1, 7.2, 8.0, 8.1, 8.2, 9.0, 9.1, 9.2, 10.0, 10.1, 11.0, 11.1, 11.2, 11.3, 11.4, 11.5, 11.6, 12.0, and 12.1 does not limit calls to unshare in running Pods.  This can allow a user with access to execute commands in a running Pod to elevate their user privileges. \nSeverity: 6.8 | MEDIUM \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"24 Aug 2024\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2024-08-24T14:52:28.000000Z"}, {"uuid": "d6f0b705-ef8f-4025-b1aa-2bb7564176fb", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-43910", "type": "seen", "source": "https://t.me/cibsecurity/66989", "content": "\u203c CVE-2022-43910 \u203c\n\nIBM Security Guardium 11.3 could allow a local user to escalate their privileges due to improper permission controls. IBM X-Force ID: 240908.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-07-19T07:25:03.000000Z"}, {"uuid": "a633116f-decb-42bb-8035-9625a51df96a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-43919", "type": "seen", "source": "https://t.me/cibsecurity/63365", "content": "\u203c CVE-2022-43919 \u203c\n\nIBM MQ 9.2 CD, 9.2 LTS, 9.3 CD, and 9.3 LTS could allow an authenticated attacker with authorization to craft messages to cause a denial of service. IBM X-Force ID: 241354.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-05-05T18:25:02.000000Z"}, {"uuid": "7cc89e7c-d10a-4eb0-b47c-f7dc57cdacb0", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-43914", "type": "seen", "source": "https://t.me/cibsecurity/61683", "content": "\u203c CVE-2022-43914 \u203c\n\nIBM TRIRIGA Application Platform 4.0 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 241036.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-04-07T18:28:47.000000Z"}, {"uuid": "d009bbe4-c8e5-4abf-afc4-1ca75539bfb1", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-43917", "type": "seen", "source": "https://t.me/cibsecurity/57000", "content": "\u203c CVE-2022-43917 \u203c\n\nIBM WebSphere Application Server 8.5 and 9.0 traditional container uses weaker than expected cryptographic keys that could allow an attacker to decrypt sensitive information. This affects only the containerized version of WebSphere Application Server traditional. IBM X-Force ID: 241045.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-01-27T00:46:52.000000Z"}, {"uuid": "01b2143d-b563-4bb5-a958-eda9698b5194", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-4391", "type": "seen", "source": "https://t.me/cibsecurity/56194", "content": "\u203c CVE-2022-4391 \u203c\n\nThe Vision Interactive For WordPress plugin through 1.5.3 does not sanitise and escape some of its settings, which could allow users such as contributor+ to perform Stored Cross-Site Scripting attacks even when the unfiltered_html capability is disallowed.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-01-10T02:28:05.000000Z"}]}