{"vulnerability": "cve-2024-3656", "sightings": [{"uuid": "fdee5395-3884-4545-9e4d-50620909c5c1", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-3656", "type": "seen", "source": "https://t.me/cvedetector/7525", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2024-3656 - Keycloak Privilege Escalation Vulnerability\", \n  \"Content\": \"CVE ID : CVE-2024-3656 \nPublished : Oct. 9, 2024, 7:15 p.m. | 35\u00a0minutes ago \nDescription : A flaw was found in Keycloak. Certain endpoints in Keycloak's admin REST API allow low-privilege users to access administrative functionalities. This flaw allows users to perform actions reserved for administrators, potentially leading to data breaches or system compromise. \nSeverity: 8.1 | HIGH \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"09 Oct 2024\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2024-10-09T22:21:05.000000Z"}, {"uuid": "42678b6a-a7fc-4c96-a21c-8c31444d34ad", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-3656", "type": "published-proof-of-concept", "source": "https://t.me/dilagrafie/3806", "content": "Tools - Hackers Factory \n\nThis is the development tree. Production downloads are at:\n\nhttps://github.com/simsong/bulk_extractor\n\nZero Infrastructure Password Cracking\n\nhttps://github.com/JoelGMSec/Cloudtopolis\n\nGitHub - Exafunction/codeium-react-code-editor: AI-enabled code editor for React. Unlimited AI autocomplete capabilities with full Typescript support.\n\nhttps://github.com/Exafunction/codeium-react-code-editor\n\nA VMWare logger using built-in backdoor.\n\nhttps://github.com/Azvanzed/vmw-logger-rs\n\nProof of Concept Exploit for CVE-2024-9464\n\nhttps://github.com/horizon3ai/CVE-2024-9464\n\nNow You See Me, Now You Don't\n\nhttps://github.com/ZeroMemoryEx/Chaos-Rootkit\n\nUnauthenticated Remote Code Execution via Angular-Base64-Upload Library\n\nhttps://github.com/rvizx/CVE-2024-42640\n\nProof of concept of CVE-2024-3656 [Keycloak] low-privilege users to access administrative functionalities\n\nhttps://github.com/h4x0r-dz/CVE-2024-3656\n\n#CyberDilara \nhttps://t.me/CyberDilara", "creation_timestamp": "2024-10-23T05:32:04.000000Z"}, {"uuid": "d3707021-e42f-4800-b378-100e93b0dfcc", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-3656", "type": "published-proof-of-concept", "source": "https://t.me/CyberDilara/1085", "content": "Tools - Hackers Factory \n\nThis is the development tree. Production downloads are at:\n\nhttps://github.com/simsong/bulk_extractor\n\nZero Infrastructure Password Cracking\n\nhttps://github.com/JoelGMSec/Cloudtopolis\n\nGitHub - Exafunction/codeium-react-code-editor: AI-enabled code editor for React. Unlimited AI autocomplete capabilities with full Typescript support.\n\nhttps://github.com/Exafunction/codeium-react-code-editor\n\nA VMWare logger using built-in backdoor.\n\nhttps://github.com/Azvanzed/vmw-logger-rs\n\nProof of Concept Exploit for CVE-2024-9464\n\nhttps://github.com/horizon3ai/CVE-2024-9464\n\nNow You See Me, Now You Don't\n\nhttps://github.com/ZeroMemoryEx/Chaos-Rootkit\n\nUnauthenticated Remote Code Execution via Angular-Base64-Upload Library\n\nhttps://github.com/rvizx/CVE-2024-42640\n\nProof of concept of CVE-2024-3656 [Keycloak] low-privilege users to access administrative functionalities\n\nhttps://github.com/h4x0r-dz/CVE-2024-3656\n\n#CyberDilara \nhttps://t.me/CyberDilara", "creation_timestamp": "2024-10-23T05:32:04.000000Z"}, {"uuid": "113a59f3-4734-498e-adff-8916288e5f04", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-3656", "type": "published-proof-of-concept", "source": "https://t.me/CyberDilara/1084", "content": "Tools - Hackers Factory \n\nThis is the development tree. Production downloads are at:\n\nhttps://github.com/simsong/bulk_extractor\n\nZero Infrastructure Password Cracking\n\nhttps://github.com/JoelGMSec/Cloudtopolis\n\nGitHub - Exafunction/codeium-react-code-editor: AI-enabled code editor for React. Unlimited AI autocomplete capabilities with full Typescript support.\n\nhttps://github.com/Exafunction/codeium-react-code-editor\n\nA VMWare logger using built-in backdoor.\n\nhttps://github.com/Azvanzed/vmw-logger-rs\n\nProof of Concept Exploit for CVE-2024-9464\n\nhttps://github.com/horizon3ai/CVE-2024-9464\n\nNow You See Me, Now You Don't\n\nhttps://github.com/ZeroMemoryEx/Chaos-Rootkit\n\nUnauthenticated Remote Code Execution via Angular-Base64-Upload Library\n\nhttps://github.com/rvizx/CVE-2024-42640\n\nProof of concept of CVE-2024-3656 [Keycloak] low-privilege users to access administrative functionalities\n\nhttps://github.com/h4x0r-dz/CVE-2024-3656\n\n#CyberDilara \nhttps://t.me/CyberDilara", "creation_timestamp": "2024-10-23T05:29:04.000000Z"}, {"uuid": "401d7b87-b2f4-4c7a-8159-4b55abbdedfb", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-3656", "type": "published-proof-of-concept", "source": "https://t.me/InfoSecInsider/24153", "content": "Tools - Hackers Factory \n\nThis is the development tree. Production downloads are at:\n\nhttps://github.com/simsong/bulk_extractor\n\nZero Infrastructure Password Cracking\n\nhttps://github.com/JoelGMSec/Cloudtopolis\n\nGitHub - Exafunction/codeium-react-code-editor: AI-enabled code editor for React. Unlimited AI autocomplete capabilities with full Typescript support.\n\nhttps://github.com/Exafunction/codeium-react-code-editor\n\nA VMWare logger using built-in backdoor.\n\nhttps://github.com/Azvanzed/vmw-logger-rs\n\nProof of Concept Exploit for CVE-2024-9464\n\nhttps://github.com/horizon3ai/CVE-2024-9464\n\nNow You See Me, Now You Don't\n\nhttps://github.com/ZeroMemoryEx/Chaos-Rootkit\n\nUnauthenticated Remote Code Execution via Angular-Base64-Upload Library\n\nhttps://github.com/rvizx/CVE-2024-42640\n\nProof of concept of CVE-2024-3656 [Keycloak] low-privilege users to access administrative functionalities\n\nhttps://github.com/h4x0r-dz/CVE-2024-3656\n\n#CyberDilara \nhttps://t.me/CyberDilara", "creation_timestamp": "2024-10-23T06:15:18.000000Z"}, {"uuid": "2c5c5196-bd26-4f58-9e25-2880c6dc28e2", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-3656", "type": "published-proof-of-concept", "source": "https://t.me/GrayHatsHack/7527", "content": "Tools - Hackers Factory \n\nThis is the development tree. Production downloads are at:\n\nhttps://github.com/simsong/bulk_extractor\n\nZero Infrastructure Password Cracking\n\nhttps://github.com/JoelGMSec/Cloudtopolis\n\nGitHub - Exafunction/codeium-react-code-editor: AI-enabled code editor for React. Unlimited AI autocomplete capabilities with full Typescript support.\n\nhttps://github.com/Exafunction/codeium-react-code-editor\n\nA VMWare logger using built-in backdoor.\n\nhttps://github.com/Azvanzed/vmw-logger-rs\n\nProof of Concept Exploit for CVE-2024-9464\n\nhttps://github.com/horizon3ai/CVE-2024-9464\n\nNow You See Me, Now You Don't\n\nhttps://github.com/ZeroMemoryEx/Chaos-Rootkit\n\nUnauthenticated Remote Code Execution via Angular-Base64-Upload Library\n\nhttps://github.com/rvizx/CVE-2024-42640\n\nProof of concept of CVE-2024-3656 [Keycloak] low-privilege users to access administrative functionalities\n\nhttps://github.com/h4x0r-dz/CVE-2024-3656\n\n#CyberDilara \nhttps://t.me/CyberDilara", "creation_timestamp": "2024-10-23T06:15:12.000000Z"}, {"uuid": "e9a6231e-319f-496a-afae-df62e5c1b558", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-3656", "type": "published-proof-of-concept", "source": "https://t.me/InfoSecInsider/540", "content": "Tools - Hackers Factory \n\nThis is the development tree. Production downloads are at:\n\nhttps://github.com/simsong/bulk_extractor\n\nZero Infrastructure Password Cracking\n\nhttps://github.com/JoelGMSec/Cloudtopolis\n\nGitHub - Exafunction/codeium-react-code-editor: AI-enabled code editor for React. Unlimited AI autocomplete capabilities with full Typescript support.\n\nhttps://github.com/Exafunction/codeium-react-code-editor\n\nA VMWare logger using built-in backdoor.\n\nhttps://github.com/Azvanzed/vmw-logger-rs\n\nProof of Concept Exploit for CVE-2024-9464\n\nhttps://github.com/horizon3ai/CVE-2024-9464\n\nNow You See Me, Now You Don't\n\nhttps://github.com/ZeroMemoryEx/Chaos-Rootkit\n\nUnauthenticated Remote Code Execution via Angular-Base64-Upload Library\n\nhttps://github.com/rvizx/CVE-2024-42640\n\nProof of concept of CVE-2024-3656 [Keycloak] low-privilege users to access administrative functionalities\n\nhttps://github.com/h4x0r-dz/CVE-2024-3656\n\n#CyberDilara \nhttps://t.me/CyberDilara", "creation_timestamp": "2024-10-23T06:15:18.000000Z"}]}