{"vulnerability": "cve-2023-3873", "sightings": [{"uuid": "816bbca5-7f33-4e9e-92a1-62b24ad0d213", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-38739", "type": "seen", "source": "https://bsky.app/profile/cve-notifications.bsky.social/post/3lh2fhr7hkm2i", "content": "", "creation_timestamp": "2025-01-31T16:15:56.219417Z"}, {"uuid": "944f031a-02a9-42b0-a626-90355484a02d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-38739", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3lh2qmgwkub2r", "content": "", "creation_timestamp": "2025-01-31T19:35:27.454687Z"}, {"uuid": "b2e58c37-08ef-4e81-8d20-35464b70fddb", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-38738", "type": "seen", "source": "https://t.me/DarkWebInformer_CVEAlerts/18534", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2023-38738\n\ud83d\udd25 CVSS Score: 6.8 (cvssV3_1, Vector: CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:N)\n\ud83d\udd39 Description: \nIBM OpenPages with Watson 8.3 and 9.0 could provide weaker than expected security in a OpenPages environment using Native authentication. If OpenPages is using Native authentication an attacker with access to the OpenPages database could through a series of specially crafted steps could exploit this weakness and gain unauthorized access to other OpenPages accounts. IBM X-Force ID: 262594.\n\n\n\ud83d\udccf Published: 2024-01-19T00:41:22.409Z\n\ud83d\udccf Modified: 2025-06-16T19:50:19.730Z\n\ud83d\udd17 References:\n1. https://www.ibm.com/support/pages/node/7107775\n2. https://exchange.xforce.ibmcloud.com/vulnerabilities/262594", "creation_timestamp": "2025-06-16T20:37:19.000000Z"}, {"uuid": "45a09dbb-f5cf-470e-b489-ccfca428e7cf", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-38739", "type": "seen", "source": "MISP/f7787455-9994-4047-b6f7-77347597c104", "content": "", "creation_timestamp": "2025-08-26T18:36:19.000000Z"}, {"uuid": "858b8525-ae9c-4b70-b14b-09c39892c0be", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-38739", "type": "seen", "source": "https://t.me/cvedetector/16976", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2023-38739 - IBM Sterling B2B Integrator CSRF\", \n  \"Content\": \"CVE ID : CVE-2023-38739 \nPublished : Jan. 31, 2025, 4:15 p.m. | 1\u00a0hour, 46\u00a0minutes ago \nDescription : IBM Sterling B2B Integrator 6.0.0.0 through 6.1.2.5 and 6.2.0.0 through 6.2.0.3 is vulnerable to cross-site request forgery which could allow an attacker to execute malicious and unauthorized actions transmitted from a user that the website trusts. \nSeverity: 4.3 | MEDIUM \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"31 Jan 2025\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2025-01-31T19:34:38.000000Z"}, {"uuid": "2e4b1135-2aaa-454a-8a03-a23c17439281", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-38735", "type": "seen", "source": "https://t.me/cibsecurity/72742", "content": "\u203c CVE-2023-38735 \u203c\n\nIBM Cognos Dashboards on Cloud Pak for Data 4.7.0 could allow a remote attacker to bypass security restrictions, caused by a reverse tabnabbing flaw. An attacker could exploit this vulnerability and redirect a victim to a phishing site. IBM X-Force ID: 262482.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-10-22T18:58:15.000000Z"}, {"uuid": "6b07b2bf-25e8-4e2d-9114-b553d1fabfe4", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-38736", "type": "seen", "source": "https://t.me/cibsecurity/70159", "content": "\u203c CVE-2023-38736 \u203c\n\nIBM QRadar WinCollect Agent 10.0 through 10.1.6, when installed to run as ADMIN or SYSTEM, is vulnerable to a local escalation of privilege attack that a normal user could utilize to gain SYSTEM permissions. IBM X-Force ID: 262542.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-09-08T22:21:37.000000Z"}, {"uuid": "53f9355d-f8b4-4398-8420-45dff8f75f92", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-38738", "type": "seen", "source": "https://t.me/ctinow/183250", "content": "https://ift.tt/4jbvmYi\nCVE-2023-38738 | IBM OpenPages with Watson 8.3/9.0 storing passwords in a recoverable format (XFDB-262594)", "creation_timestamp": "2024-02-12T17:17:08.000000Z"}, {"uuid": "f47360b2-2e66-4ac7-b2a6-cb1591ac461c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-38738", "type": "seen", "source": "https://t.me/ctinow/170035", "content": "https://ift.tt/Ig0Um5r\nCVE-2023-38738", "creation_timestamp": "2024-01-19T02:26:45.000000Z"}, {"uuid": "54acc9a4-7d3d-4c66-9e45-15743ad61e99", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-38730", "type": "seen", "source": "https://t.me/cibsecurity/69251", "content": "\u203c CVE-2023-38730 \u203c\n\nIBM Storage Copy Data Management 2.2.0.0 through 2.2.19.0 uses weaker than expected cryptographic algorithms that could allow an attacker to decrypt highly sensitive information. IBM X-Force ID: 262268.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-08-28T02:21:17.000000Z"}, {"uuid": "121d5d76-29d2-4d9a-961e-7d2d6525d544", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-3873", "type": "seen", "source": "https://t.me/cibsecurity/67208", "content": "\u203c CVE-2023-3873 \u203c\n\nA vulnerability, which was classified as critical, has been found in Campcodes Beauty Salon Management System 1.0. This issue affects some unknown processing of the file /admin/index.php. The manipulation of the argument username leads to sql injection. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used. The associated identifier of this vulnerability is VDB-235235.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-07-25T07:40:24.000000Z"}, {"uuid": "f97ae590-d846-48b2-b723-56ee23bbddc6", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-38733", "type": "seen", "source": "https://t.me/cibsecurity/69040", "content": "\u203c CVE-2023-38733 \u203c\n\nIBM Robotic Process Automation 21.0.0 through 21.0.7.1 and 23.0.0 through 23.0.1 server could allow an authenticated user to view sensitive information from installation logs. IBM X-Force Id: 262293.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-08-23T02:11:58.000000Z"}, {"uuid": "da74d93d-b2cf-4557-a3ec-8bab2e4a69b4", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-38734", "type": "seen", "source": "https://t.me/cibsecurity/69039", "content": "\u203c CVE-2023-38734 \u203c\n\nIBM Robotic Process Automation 21.0.0 through 21.0.7.1 and 23.0.0 through 23.0.1 is vulnerable to incorrect privilege assignment when importing users from an LDAP directory. IBM X-Force ID: 262481.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-08-23T02:11:58.000000Z"}, {"uuid": "9082657f-ac89-48b3-b45f-21bca110c2d8", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-38732", "type": "seen", "source": "https://t.me/cibsecurity/68952", "content": "\u203c CVE-2023-38732 \u203c\n\nIBM Robotic Process Automation 21.0.0 through 21.0.7 server could allow an authenticated user to view sensitive information from application logs. IBM X-Force ID: 262289.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-08-22T22:12:11.000000Z"}, {"uuid": "a988f24c-131d-4dfc-ac60-024d40a11268", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-38737", "type": "seen", "source": "https://t.me/cibsecurity/68681", "content": "\u203c CVE-2023-38737 \u203c\n\nIBM WebSphere Application Server Liberty 22.0.0.13 through 23.0.0.7 is vulnerable to a denial of service, caused by sending a specially-crafted request. A remote attacker could exploit this vulnerability to cause the server to consume memory resources. IBM X-Force ID: 262567.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-08-16T22:50:11.000000Z"}]}