{"vulnerability": "cve-2024-5417", "sightings": [{"uuid": "8d2f011c-1e39-4619-8b75-8fa286e31bbf", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-54172", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3lrvrpuczpr2a", "content": "", "creation_timestamp": "2025-06-18T19:49:01.756865Z"}, {"uuid": "1a2005a7-6e47-408a-97ca-1e20e1512af6", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-54171", "type": "seen", "source": "https://infosec.exchange/users/cve/statuses/113958841793840341", "content": "", "creation_timestamp": "2025-02-06T20:32:09.176467Z"}, {"uuid": "b5c28e17-b22c-4d5f-bb15-95bb1e7d2a47", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-54171", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3lhk6ahcdbe2o", "content": "", "creation_timestamp": "2025-02-06T22:49:16.803615Z"}, {"uuid": "816851ff-ca73-4ca5-8ab1-5bcdd45df07c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-54171", "type": "seen", "source": "https://bsky.app/profile/cve-notifications.bsky.social/post/3lhjyz4v2sp2d", "content": "", "creation_timestamp": "2025-02-06T21:15:36.101590Z"}, {"uuid": "c23420da-036d-4a41-b564-c26163a58b04", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-54176", "type": "seen", "source": "https://infosec.exchange/users/cve/statuses/113969165295794391", "content": "", "creation_timestamp": "2025-02-08T16:17:33.497284Z"}, {"uuid": "5d14e4ba-0e3f-41f0-b540-7cd3ea0a9fa2", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-54176", "type": "seen", "source": "https://bsky.app/profile/cve-notifications.bsky.social/post/3lhomjwzlm62h", "content": "", "creation_timestamp": "2025-02-08T17:15:40.428544Z"}, {"uuid": "dfcd153b-945b-4d81-bfdd-ec601f32e845", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-54176", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3lhoo5ctews2n", "content": "", "creation_timestamp": "2025-02-08T17:44:23.807695Z"}, {"uuid": "451b8394-391c-4703-bbf1-29b4afe4ae68", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-54170", "type": "seen", "source": "https://infosec.exchange/users/cR0w/statuses/114076729153415963", "content": "", "creation_timestamp": "2025-02-27T16:12:27.770460Z"}, {"uuid": "814b7d9e-ce4f-41d4-8ab7-631b47ef324a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-54179", "type": "seen", "source": "MISP/e1f6260f-3311-441b-92ae-e04cd5eb5f72", "content": "", "creation_timestamp": "2025-08-19T13:26:46.000000Z"}, {"uuid": "27810263-6b5e-4d01-98d0-646803a14cf3", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-54175", "type": "seen", "source": "https://t.me/cvedetector/19170", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2024-54175 - IBM MQ Denial of Service Vulnerability\", \n  \"Content\": \"CVE ID : CVE-2024-54175 \nPublished : Feb. 28, 2025, 5:15 p.m. | 1\u00a0hour, 7\u00a0minutes ago \nDescription : IBM MQ 9.3 LTS, 9.3 CD, 9.4 LTS, and 9.4 CD   \n  \ncould allow a local user to cause a denial of service due to an improper check for unusual or exceptional conditions. \nSeverity: 5.5 | MEDIUM \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"28 Feb 2025\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2025-02-28T19:32:25.000000Z"}, {"uuid": "1c2599ab-e85d-4001-8415-f3f8a0ec2a6e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-54170", "type": "seen", "source": "MISP/24306fae-b16b-4478-9297-d2973cdb583c", "content": "", "creation_timestamp": "2025-08-22T14:52:22.000000Z"}, {"uuid": "e00fe8ec-8c68-4ab0-9180-c5b73fa66bb9", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-54173", "type": "seen", "source": "https://t.me/cvedetector/19117", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2024-54173 - IBM MQ Information Disclosure Vulnerability\", \n  \"Content\": \"CVE ID : CVE-2024-54173 \nPublished : Feb. 28, 2025, 3:15 a.m. | 42\u00a0minutes ago \nDescription : IBM MQ 9.3 LTS, 9.3 CD, 9.4 LTS, and 9.4 CD reveals potentially sensitive information in trace files that could be read by a local user when webconsole trace is enabled. \nSeverity: 4.7 | MEDIUM \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"28 Feb 2025\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2025-02-28T05:19:14.000000Z"}, {"uuid": "5565d24f-99e0-4344-b820-47fc9bd9cbd4", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-54171", "type": "seen", "source": "https://t.me/cvedetector/17445", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2024-54171 - IBM EntireX XXE Injection\", \n  \"Content\": \"CVE ID : CVE-2024-54171 \nPublished : Feb. 6, 2025, 9:15 p.m. | 1\u00a0hour, 29\u00a0minutes ago \nDescription : IBM EntireX 11.1 is vulnerable to an XML external entity injection (XXE) attack when processing XML data. An authenticated attacker could exploit this vulnerability to expose sensitive information or consume memory resources. \nSeverity: 7.1 | HIGH \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"06 Feb 2025\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2025-02-07T00:26:11.000000Z"}, {"uuid": "431f3a8b-d561-4781-aa14-501a832b2729", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-54176", "type": "seen", "source": "https://t.me/cvedetector/17538", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2024-54176 - IBM DevOps Deploy and IBM UrbanCode Deploy Information Disclosure\", \n  \"Content\": \"CVE ID : CVE-2024-54176 \nPublished : Feb. 8, 2025, 5:15 p.m. | 57\u00a0minutes ago \nDescription : IBM DevOps Deploy 8.0 through 8.0.1.4, 8.1 through 8.1.0.0 and IBM UrbanCode Deploy (UCD) 7.0 through 7.0.5.25, 7.1 through 7.1.2.21, 7.2 through 7.2.3.14 and 7.3 through 7.3.2 could allow an authenticated user to obtain sensitive information about other users on the system due to missing authorization for a function. \nSeverity: 4.3 | MEDIUM \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"08 Feb 2025\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2025-02-08T19:55:36.000000Z"}, {"uuid": "9d6edd3e-8b18-4dc2-83e8-d57c3f2d2bed", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-54176", "type": "seen", "source": "https://t.me/DarkWebInformer_CVEAlerts/3879", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2024-54176\n\ud83d\udd25 CVSS Score: 4.2 (CVSS_V3)\n\ud83d\udd39 Description: IBM DevOps Deploy 8.0 through 8.0.1.4, 8.1 through 8.1.0.0 and IBM UrbanCode Deploy (UCD) 7.0 through 7.0.5.25, 7.1 through 7.1.2.21, 7.2 through 7.2.3.14 and 7.3 through 7.3.2 could allow an authenticated user to obtain sensitive information about other users on the system due to missing authorization for a function.\n\ud83d\udccf Published: 2025-02-08T18:34:42Z\n\ud83d\udccf Modified: 2025-02-08T18:34:42Z\n\ud83d\udd17 References:\n1. https://nvd.nist.gov/vuln/detail/CVE-2024-54176\n2. https://www.ibm.com/support/pages/node/7182840", "creation_timestamp": "2025-02-08T19:04:14.000000Z"}, {"uuid": "fcebf7fd-df0b-43f5-b347-85bc6f5f91c8", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-54175", "type": "seen", "source": "https://t.me/DarkWebInformer_CVEAlerts/5912", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2024-54175\n\ud83d\udd25 CVSS Score: 5.5 (cvssV3_1, Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H)\n\ud83d\udd39 Description: IBM MQ 9.3 LTS, 9.3 CD, 9.4 LTS, and 9.4 CD \n\ncould allow a local user to cause a denial of service due to an improper check for unusual or exceptional conditions.\n\ud83d\udccf Published: 2025-02-28T16:19:56.817Z\n\ud83d\udccf Modified: 2025-02-28T16:19:56.817Z\n\ud83d\udd17 References:\n1. https://www.ibm.com/support/pages/node/7184453", "creation_timestamp": "2025-02-28T16:26:54.000000Z"}, {"uuid": "77d75f2f-9825-45eb-ac36-122e7733b813", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-54176", "type": "seen", "source": "https://t.me/DarkWebInformer_CVEAlerts/5057", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2024-54176\n\ud83d\udd25 CVSS Score: 4.3 (cvssV3_1, Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N)\n\ud83d\udd39 Description: IBM DevOps Deploy 8.0 through 8.0.1.4, 8.1 through 8.1.0.0 and IBM UrbanCode Deploy (UCD) 7.0 through 7.0.5.25, 7.1 through 7.1.2.21, 7.2 through 7.2.3.14 and 7.3 through 7.3.2 could allow an authenticated user to obtain sensitive information about other users on the system due to missing authorization for a function.\n\ud83d\udccf Published: 2025-02-08T16:15:40.041Z\n\ud83d\udccf Modified: 2025-02-22T22:12:32.094Z\n\ud83d\udd17 References:\n1. https://www.ibm.com/support/pages/node/7182840", "creation_timestamp": "2025-02-22T22:21:31.000000Z"}, {"uuid": "26d30711-9e97-4abe-872b-1980739c9f2b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-54171", "type": "seen", "source": "https://t.me/DarkWebInformer_CVEAlerts/5058", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2024-54171\n\ud83d\udd25 CVSS Score: 7.1 (cvssV3_1, Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:L)\n\ud83d\udd39 Description: IBM EntireX 11.1 is vulnerable to an XML external entity injection (XXE) attack when processing XML data. An authenticated attacker could exploit this vulnerability to expose sensitive information or consume memory resources.\n\ud83d\udccf Published: 2025-02-06T20:29:04.129Z\n\ud83d\udccf Modified: 2025-02-22T22:11:33.331Z\n\ud83d\udd17 References:\n1. https://www.ibm.com/support/pages/node/7182693", "creation_timestamp": "2025-02-22T22:21:31.000000Z"}, {"uuid": "afd30071-8cbf-497c-ac3f-01fc3332d5ce", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-54173", "type": "seen", "source": "https://t.me/DarkWebInformer_CVEAlerts/5830", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2024-54173\n\ud83d\udd25 CVSS Score: 4.7 (cvssV3_1, Vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N)\n\ud83d\udd39 Description: IBM MQ 9.3 LTS, 9.3 CD, 9.4 LTS, and 9.4 CD reveals potentially sensitive information in trace files that could be read by a local user when webconsole trace is enabled.\n\ud83d\udccf Published: 2025-02-28T02:22:14.364Z\n\ud83d\udccf Modified: 2025-02-28T02:22:14.364Z\n\ud83d\udd17 References:\n1. https://www.ibm.com/support/pages/node/7183370", "creation_timestamp": "2025-02-28T03:26:33.000000Z"}, {"uuid": "76927322-ae1c-4271-b777-5b2a86aee982", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-54170", "type": "seen", "source": "https://t.me/DarkWebInformer_CVEAlerts/5683", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2024-54170\n\ud83d\udd25 CVSS Score: 5.5 (cvssV3_1, Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H)\n\ud83d\udd39 Description: IBM EntireX 11.1\u00a0could allow a local user to cause a denial of service due to use of a regular expression with an inefficient complexity that consumes excessive CPU cycles.\n\ud83d\udccf Published: 2025-02-27T14:55:47.166Z\n\ud83d\udccf Modified: 2025-02-27T15:12:51.277Z\n\ud83d\udd17 References:\n1. https://www.ibm.com/support/pages/node/7184194", "creation_timestamp": "2025-02-27T15:29:25.000000Z"}, {"uuid": "11dcc3b8-f0e4-4e07-a2ac-e689b9813b3b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-54172", "type": "seen", "source": "https://t.me/DarkWebInformer_CVEAlerts/18787", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2024-54172\n\ud83d\udd25 CVSS Score: 4.3 (cvssV3_1, Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N)\n\ud83d\udd39 Description: IBM Sterling B2B Integrator and IBM Sterling File Gateway 6.0.0.0 through 6.1.2.6 and 6.2.0.0 through 6.2.0.4 is vulnerable to cross-site request forgery which could allow an attacker to execute malicious and unauthorized actions transmitted from a user that the website trusts.\n\ud83d\udccf Published: 2025-06-18T16:13:10.754Z\n\ud83d\udccf Modified: 2025-06-18T16:13:10.754Z\n\ud83d\udd17 References:\n1. https://www.ibm.com/support/pages/node/7237059", "creation_timestamp": "2025-06-18T16:43:37.000000Z"}, {"uuid": "72a610da-6975-4748-ae0a-fa2f8b1eaf34", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-54179", "type": "seen", "source": "https://t.me/DarkWebInformer_CVEAlerts/6210", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2024-54179\n\ud83d\udd25 CVSS Score: 5.4 (cvssV3_1, Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N)\n\ud83d\udd39 Description: IBM Business Automation Workflow and IBM Business Automation Workflow Enterprise Service Bus 24.0.0, 24.0.1 and earlier unsupported versions are vulnerable to cross-site scripting. This vulnerability allows an authenticated user to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session.\n\ud83d\udccf Published: 2025-03-03T13:56:50.099Z\n\ud83d\udccf Modified: 2025-03-03T14:05:09.145Z\n\ud83d\udd17 References:\n1. https://www.ibm.com/support/pages/node/7184647", "creation_timestamp": "2025-03-03T14:30:02.000000Z"}, {"uuid": "c853246e-237f-40b4-bb08-b9571cb1fde3", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-54173", "type": "seen", "source": "Telegram/zhuZdYhXDkavyTMCjXgRgoy-6Lx6Lche_ozWOCcQSIpMeYmD", "content": "", "creation_timestamp": "2025-03-02T11:44:21.000000Z"}, {"uuid": "baae8ec8-9d01-4109-b3a2-267c32c035da", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-5417", "type": "seen", "source": "https://t.me/cvedetector/4382", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2024-5417 - Gutentor WordPress Stored Cross-Site Scripting (XSS)\", \n  \"Content\": \"CVE ID : CVE-2024-5417 \nPublished : Aug. 29, 2024, 11:15 a.m. | 21\u00a0minutes ago \nDescription : The Gutentor  WordPress plugin before 3.3.6 does not validate and escape some of its block options before outputting them back in a page/post where the block is embed, which could allow users with the contributor role and above to perform Stored Cross-Site Scripting attacks \nSeverity: 0.0 | NA \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"29 Aug 2024\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2024-08-29T13:42:43.000000Z"}, {"uuid": "0b780db3-6eaa-447f-a19d-62584f4a5e4c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-54175", "type": "seen", "source": "Telegram/rVEfi3LMHg2vUw_hqc2CMWwjCJllqlPCLqXzWKMvRuh5Nx9S", "content": "", "creation_timestamp": "2025-03-02T11:45:38.000000Z"}]}