{
  "vulnerability": "cve-2023-2904",
  "sightings": [
    {
      "uuid": "2569ca9f-add6-4aa3-895a-78e8c78ba05c",
      "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd",
      "author": "9f56dd64-161d-43a6-b9c3-555944290a09",
      "vulnerability": "CVE-2023-29049",
      "type": "seen",
      "source": "https://t.me/ctinow/164259",
      "content": "https://ift.tt/BjgH87V\nCVE-2023-29049",
      "creation_timestamp": "2024-01-08T10:26:25.000000Z"
    },
    {
      "uuid": "a23699b0-28ae-45ad-a6e9-dc74c43fd70c",
      "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd",
      "author": "9f56dd64-161d-43a6-b9c3-555944290a09",
      "vulnerability": "CVE-2023-2904",
      "type": "seen",
      "source": "https://t.me/DarkWebInformer_CVEAlerts/259",
      "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2023-2904\n\ud83d\udd39 Description: The External Visitor Manager portal of HID\u2019s SAFE versions 5.8.0 through 5.11.3 are vulnerable to manipulation within web fields in the application programmable interface (API). An attacker could log in using account credentials available through a request generated by an internal user and then manipulate the visitor-id within the web API to access the personal data of other users. There is no limit on the number of requests that can be made to the HID SAFE Web Server, so an attacker could also exploit this vulnerability to create a denial-of-service condition.\n\n\n\ud83d\udccf Published: 2023-06-07T21:59:24.478Z\n\ud83d\udccf Modified: 2025-01-06T20:55:57.917Z\n\ud83d\udd17 References:\n1. https://www.cisa.gov/news-events/ics-advisories/icsa-23-152-02",
      "creation_timestamp": "2025-01-06T21:38:55.000000Z"
    },
    {
      "uuid": "c91150ab-437e-4f61-880c-f0697172ff9e",
      "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd",
      "author": "9f56dd64-161d-43a6-b9c3-555944290a09",
      "vulnerability": "CVE-2023-29045",
      "type": "seen",
      "source": "https://t.me/cibsecurity/73455",
      "content": "\u203c CVE-2023-29045 \u203c\n\nDocuments operations, in this case \"drawing\", could be manipulated to contain invalid data types, possibly script code. Script code could be injected to an operation that would be executed for users that are actively collaborating on the same document. Operation data exchanged between collaborating parties does now gets checked for validity to avoid code execution. No publicly available exploits are known.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".",
      "creation_timestamp": "2023-11-02T17:28:40.000000Z"
    },
    {
      "uuid": "9787b45f-f4d0-4189-824f-e018b731606f",
      "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd",
      "author": "9f56dd64-161d-43a6-b9c3-555944290a09",
      "vulnerability": "CVE-2023-29047",
      "type": "seen",
      "source": "https://t.me/cibsecurity/73443",
      "content": "\u203c CVE-2023-29047 \u203c\n\nImageconverter API endpoints provided methods that were not sufficiently validating and sanitizing client input, allowing to inject arbitrary SQL statements. An attacker with access to the adjacent network and potentially API credentials, could read and modify database content which is accessible to the imageconverter SQL user account. None No publicly available exploits are known.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".",
      "creation_timestamp": "2023-11-02T17:22:45.000000Z"
    },
    {
      "uuid": "9a10e40a-ef8e-4360-80a0-f00c5b35fea2",
      "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd",
      "author": "9f56dd64-161d-43a6-b9c3-555944290a09",
      "vulnerability": "CVE-2023-29044",
      "type": "seen",
      "source": "https://t.me/cibsecurity/73441",
      "content": "\u203c CVE-2023-29044 \u203c\n\nDocuments operations could be manipulated to contain invalid data types, possibly script code. Script code could be injected to an operation that would be executed for users that are actively collaborating on the same document. Operation data exchanged between collaborating parties does now get escaped to avoid code execution. No publicly available exploits are known.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".",
      "creation_timestamp": "2023-11-02T17:22:43.000000Z"
    },
    {
      "uuid": "79d4745e-1ba2-4fcd-badb-e026590f688d",
      "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd",
      "author": "9f56dd64-161d-43a6-b9c3-555944290a09",
      "vulnerability": "CVE-2023-29049",
      "type": "seen",
      "source": "https://t.me/ctinow/173369",
      "content": "https://ift.tt/oGjbts0\nCVE-2023-29049 | Open-Xchange OX App Suite up to 7.10.6-rev33 upsell Widget cross site scripting (oxas-adv-2023-0005)",
      "creation_timestamp": "2024-01-25T10:46:08.000000Z"
    },
    {
      "uuid": "29897357-7e14-4de3-82ac-32ec2afb4553",
      "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd",
      "author": "9f56dd64-161d-43a6-b9c3-555944290a09",
      "vulnerability": "CVE-2023-29048",
      "type": "seen",
      "source": "https://t.me/ctinow/164258",
      "content": "https://ift.tt/DGp6A7j\nCVE-2023-29048",
      "creation_timestamp": "2024-01-08T10:26:24.000000Z"
    },
    {
      "uuid": "7200010c-deee-4995-8455-8082532f0239",
      "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd",
      "author": "9f56dd64-161d-43a6-b9c3-555944290a09",
      "vulnerability": "CVE-2023-2904",
      "type": "seen",
      "source": "https://t.me/cibsecurity/65057",
      "content": "\u203c CVE-2023-2904 \u203c\n\nThe External Visitor Manager portal of HID\u2019s SAFE versions 5.8.0 through 5.11.3 are vulnerable to manipulation within web fields in the application programmable interface (API). An attacker could log in using account credentials available through a request generated by an internal user and then manipulate the visitor-id within the web API to access the personal data of other users. There is no limit on the number of requests that can be made to the HID SAFE Web Server, so an attacker could also exploit this vulnerability to create a denial-of-service condition.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".",
      "creation_timestamp": "2023-06-08T02:40:28.000000Z"
    }
  ]
}