{"vulnerability": "cve-2024-2986", "sightings": [{"uuid": "dfeb1542-a5cf-4665-ae2b-339e4130ba4e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-29869", "type": "seen", "source": "https://infosec.exchange/users/cve/statuses/113908135028434980", "content": "", "creation_timestamp": "2025-01-28T21:36:45.414133Z"}, {"uuid": "73a14676-99a7-4651-afa0-7e69db83963b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-29869", "type": "seen", "source": "https://bsky.app/profile/getpokemon7.bsky.social/post/3lhb37hbncc2x", "content": "", "creation_timestamp": "2025-02-03T08:00:58.281530Z"}, {"uuid": "b5ba2aad-011e-4f3c-be64-e1f3e7fe6579", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-29869", "type": "seen", "source": "https://bsky.app/profile/infosec.skyfleet.blue/post/3lgtgv2wfd62q", "content": "", "creation_timestamp": "2025-01-28T21:52:38.052296Z"}, {"uuid": "83e2c7bd-2f75-4235-9ad7-a30bc4d88299", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-29869", "type": "seen", "source": "https://bsky.app/profile/cve-notifications.bsky.social/post/3lgti657kba2w", "content": "", "creation_timestamp": "2025-01-28T22:15:36.080732Z"}, {"uuid": "bbc7d863-4333-46d2-8f51-037b540243b3", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-29869", "type": "seen", "source": "https://bsky.app/profile/tmjintel.bsky.social/post/3lh2bmllrpx2n", "content": "", "creation_timestamp": "2025-01-31T15:07:03.602979Z"}, {"uuid": "2b91c9a3-03d2-4719-bdfd-0939394c754a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-29869", "type": "seen", "source": "https://bsky.app/profile/dinosn.bsky.social/post/3lgz3fwd4uk24", "content": "", "creation_timestamp": "2025-01-31T03:43:22.734845Z"}, {"uuid": "b0db9619-bd42-4666-8a84-992163ff498a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-29869", "type": "seen", "source": "https://bsky.app/profile/bolhasec.com/post/3lqfnqo5d7l2t", "content": "", "creation_timestamp": "2025-05-30T16:30:08.061291Z"}, {"uuid": "7251f4ad-37c8-4de6-a3c5-3f6e4eb1c6ac", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-29869", "type": "published-proof-of-concept", "source": "https://t.me/DarkWebInformer_CVEAlerts/3328", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2024-29869\n\ud83d\udd25 CVSS Score: N/A\n\ud83d\udd39 Description: Hive creates a credentials file to a temporary directory in the file system with permissions 644 by default when the file permissions are not set explicitly. Any unauthorized user having access to the directory can read the sensitive information written into this file.\u00a0Users are recommended to upgrade to version 4.0.1, which fixes this issue.\n\ud83d\udccf Published: 2025-01-29T00:31:54Z\n\ud83d\udccf Modified: 2025-01-29T00:31:54Z\n\ud83d\udd17 References:\n1. https://nvd.nist.gov/vuln/detail/CVE-2024-29869\n2. https://github.com/apache/hive/commit/20106e254527f7d71b2e34455c4322e14950c620\n3. https://github.com/apache/hive\n4. https://issues.apache.org/jira/browse/HIVE-28134\n5. https://lists.apache.org/thread/h27ohpyrqf9w1m3c0tqr7x8jg59rcrv6\n6. http://www.openwall.com/lists/oss-security/2025/01/28/4", "creation_timestamp": "2025-01-29T01:10:11.000000Z"}, {"uuid": "10e0ac0b-b6fa-4ad4-8844-d794acec4fdd", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-29869", "type": "published-proof-of-concept", "source": "https://t.me/DarkWebInformer_CVEAlerts/3307", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2024-29869\n\ud83d\udd25 CVSS Score: N/A\n\ud83d\udd39 Description: No description available\n\ud83d\udccf Published: 2025-01-28T22:15:15.727\n\ud83d\udccf Modified: N/A\n\ud83d\udd17 References:\n1. https://github.com/apache/hive\n2. https://github.com/apache/hive/commit/20106e254527f7d71b2e34455c4322e14950c620\n3. https://issues.apache.org/jira/browse/HIVE-28134\n4. https://lists.apache.org/thread/h27ohpyrqf9w1m3c0tqr7x8jg59rcrv6", "creation_timestamp": "2025-01-28T23:18:01.000000Z"}, {"uuid": "f40c6325-3576-4a8f-81cd-c7463e04c874", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-29865", "type": "seen", "source": "https://t.me/DarkWebInformer_CVEAlerts/9517", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2024-29865\n\ud83d\udd25 CVSS Score: N/A\n\ud83d\udd39 Description: Logpoint before 7.1.0 allows Self-XSS on the LDAP authentication page via the username to the LDAP login form.\n\ud83d\udccf Published: 2024-03-22T00:00:00.000Z\n\ud83d\udccf Modified: 2025-03-28T23:49:23.862Z\n\ud83d\udd17 References:\n1. https://servicedesk.logpoint.com/hc/en-us/articles/17710372214045-Self-XSS-on-LDAP-authentication", "creation_timestamp": "2025-03-29T00:28:45.000000Z"}, {"uuid": "0f9e9265-503a-48e8-b48f-1c6c004d5b17", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-29869", "type": "seen", "source": "https://t.me/cvedetector/16656", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2024-29869 - Hive Information Disclosure\", \n  \"Content\": \"CVE ID : CVE-2024-29869 \nPublished : Jan. 28, 2025, 10:15 p.m. | 1\u00a0hour, 26\u00a0minutes ago \nDescription : Hive creates a credentials file to a temporary directory in the file system with permissions 644 by default when the file permissions are not set explicitly. Any unauthorized user having access to the directory can read the sensitive information written into this file.\u00a0Users are recommended to upgrade to version 4.0.1, which fixes this issue. \nSeverity: 0.0 | NA \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"29 Jan 2025\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2025-01-29T01:29:10.000000Z"}, {"uuid": "80629e1e-d104-40e0-a10f-27fe45e5bc77", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-29868", "type": "published-proof-of-concept", "source": "https://t.me/HackingInsights/3715", "content": "\u200aCVE-2024-29868 in Popular IoT Toolbox StreamPipes Opens Door to Account Takeovers\n\nhttps://securityonline.info/cve-2024-29868-in-popular-iot-toolbox-streampipes-opens-door-to-account-takeovers/", "creation_timestamp": "2024-06-27T04:28:10.000000Z"}]}