{"vulnerability": "cve-2024-4934", "sightings": [{"uuid": "aa777dbe-0e33-478d-804f-4b2ab3384b71", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-49348", "type": "seen", "source": "https://infosec.exchange/users/cve/statuses/113951067139075642", "content": "", "creation_timestamp": "2025-02-05T11:34:57.452572Z"}, {"uuid": "1458edfb-aa61-4527-b135-54082f0e090e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-49348", "type": "seen", "source": "https://bsky.app/profile/cve-notifications.bsky.social/post/3lhgkfgvy3r2j", "content": "", "creation_timestamp": "2025-02-05T12:16:05.018008Z"}, {"uuid": "889a2643-7d62-49b6-8788-8bfd05ec618d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-49348", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3lhgyrvs6te24", "content": "", "creation_timestamp": "2025-02-05T16:33:36.297691Z"}, {"uuid": "052eee4b-fa3e-4ce0-8499-022cf7770345", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-49349", "type": "seen", "source": "https://bsky.app/profile/cve-notifications.bsky.social/post/3lh2iskla4l2p", "content": "", "creation_timestamp": "2025-01-31T17:15:39.161974Z"}, {"uuid": "0db8755e-331b-4646-a57d-3584ffecafd9", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-49349", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3lh2xd6t3sc2w", "content": "", "creation_timestamp": "2025-01-31T21:35:30.401089Z"}, {"uuid": "474486f0-d36e-4545-889e-cd7bedc8357a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-49344", "type": "seen", "source": "https://t.me/cvedetector/18539", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2024-49344 - IBM OpenPages with Watson Chat Session Persistence Vulnerability\", \n  \"Content\": \"CVE ID : CVE-2024-49344 \nPublished : Feb. 20, 2025, 12:15 p.m. | 1\u00a0hour, 7\u00a0minutes ago \nDescription : IBM OpenPages with Watson 8.3 and 9.0 IBM OpenPages   \n  \n  \n  \nwith Watson Assistant chat feature enabled the application establishes a session when a user logs in and uses chat, but the chat session is still left active after logout. \nSeverity: 4.3 | MEDIUM \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"20 Feb 2025\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2025-02-20T14:49:30.000000Z"}, {"uuid": "78aed04f-625c-41b4-bd1e-9f42a09361bb", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-49348", "type": "seen", "source": "https://t.me/DarkWebInformer_CVEAlerts/5047", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2024-49348\n\ud83d\udd25 CVSS Score: 4.3 (cvssV3_1, Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N)\n\ud83d\udd39 Description: IBM Cloud Pak for Business Automation\u00a018.0.0, 18.0.1, 18.0.2, 19.0.1, 19.0.2, 19.0.3, 20.0.1, 20.0.2, 20.0.3, 21.0.1, 21.0.2, 21.0.3, 22.0.1, and 22.0.2 \n\n\n\nallows restricting access to organizational data to valid contexts. The fact that tasks of type comment can be reassigned via API implicitly grants access to user queries in an unexpected context.\n\ud83d\udccf Published: 2025-02-05T11:30:05.572Z\n\ud83d\udccf Modified: 2025-02-22T21:00:11.012Z\n\ud83d\udd17 References:\n1. https://www.ibm.com/support/pages/node/7182403", "creation_timestamp": "2025-02-22T21:25:47.000000Z"}, {"uuid": "fdcd614d-1523-4006-bf9f-9b9d8869d2e8", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-49348", "type": "seen", "source": "https://t.me/cvedetector/17290", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2024-49348 - IBM Cloud Pak for Business Automation Comment Reassignment Privilege Escalation Vulnerability\", \n  \"Content\": \"CVE ID : CVE-2024-49348 \nPublished : Feb. 5, 2025, 12:15 p.m. | 1\u00a0hour, 38\u00a0minutes ago \nDescription : IBM Cloud Pak for Business Automation\u00a018.0.0, 18.0.1, 18.0.2, 19.0.1, 19.0.2, 19.0.3, 20.0.1, 20.0.2, 20.0.3, 21.0.1, 21.0.2, 21.0.3, 22.0.1, and 22.0.2   \n  \n  \n  \nallows restricting access to organizational data to valid contexts. The fact that tasks of type comment can be reassigned via API implicitly grants access to user queries in an unexpected context. \nSeverity: 4.3 | MEDIUM \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"05 Feb 2025\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2025-02-05T14:58:14.000000Z"}, {"uuid": "ac3de5ac-5691-41fc-8225-c78887fdc0cf", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-49349", "type": "seen", "source": "https://t.me/cvedetector/16960", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2024-49349 - IBM Financial Transaction Manager for SWIFT Services for Multiplatforms XSS\", \n  \"Content\": \"CVE ID : CVE-2024-49349 \nPublished : Jan. 31, 2025, 5:15 p.m. | 46\u00a0minutes ago \nDescription : IBM Financial Transaction Manager for SWIFT Services for Multiplatforms 3.2.4.0 through 3.2.4.1 is vulnerable to stored cross-site scripting. This vulnerability allows authenticated users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. \nSeverity: 6.1 | MEDIUM \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"31 Jan 2025\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2025-01-31T19:34:16.000000Z"}, {"uuid": "ef9b4664-de11-4476-9645-0ea20dcbc3f4", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-49340", "type": "seen", "source": "https://t.me/cvedetector/7987", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2024-49340 - IBM Watson Studio Local Cross-Site Request Forgery\", \n  \"Content\": \"CVE ID : CVE-2024-49340 \nPublished : Oct. 16, 2024, 12:15 a.m. | 34\u00a0minutes ago \nDescription : IBM Watson Studio Local 1.2.3 is vulnerable to cross-site request forgery which could allow an attacker to execute malicious and unauthorized actions transmitted from a user that the website trusts. \nSeverity: 4.3 | MEDIUM \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"16 Oct 2024\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2024-10-16T02:58:55.000000Z"}, {"uuid": "54196236-a48f-4581-8fcb-c75a6a518c3a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-49348", "type": "seen", "source": "Telegram/R0F4UdC5RSv_-gpuOoo9xbGntHsb3gyul_vQSZuZsoHz07_9", "content": "", "creation_timestamp": "2025-02-06T02:43:28.000000Z"}, {"uuid": "74dba2af-e667-4ee3-b0c3-87d7a33fafd2", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-49344", "type": "seen", "source": "Telegram/oUmt6zeFrsEPkmcepHWcQg6bBErHrIxzv6be355eOv4DALUG", "content": "", "creation_timestamp": "2025-02-20T23:26:54.000000Z"}]}