{"vulnerability": "cve-2024-8553", "sightings": [{"uuid": "3fdde20a-71f3-4fd4-9d2b-c7217af9c481", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-8553", "type": "seen", "source": "https://t.me/DarkWebInformer_CVEAlerts/11163", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2024-8553\n\ud83d\udd25 CVSS Score: 6.3 (cvssV3_1, Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L)\n\ud83d\udd39 Description: A vulnerability was found in Foreman's loader macros introduced with report templates. These macros may allow an authenticated user with permissions to view and create templates to read any field from Foreman's database. By using specific strings in the loader macros, users can bypass permissions and access sensitive information.\n\ud83d\udccf Published: 2024-10-31T15:01:16.401Z\n\ud83d\udccf Modified: 2025-04-09T20:37:17.798Z\n\ud83d\udd17 References:\n1. https://access.redhat.com/errata/RHSA-2024:8717\n2. https://access.redhat.com/errata/RHSA-2024:8718\n3. https://access.redhat.com/errata/RHSA-2024:8719\n4. https://access.redhat.com/errata/RHSA-2024:8906\n5. https://access.redhat.com/security/cve/CVE-2024-8553\n6. https://bugzilla.redhat.com/show_bug.cgi?id=2312524", "creation_timestamp": "2025-04-09T20:48:26.000000Z"}, {"uuid": "7104c798-2720-4824-aa54-63c271820de1", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-8553", "type": "seen", "source": "https://t.me/cvedetector/9507", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2024-8553 - Foreman Data Disclosure Permissions Bypass\", \n  \"Content\": \"CVE ID : CVE-2024-8553 \nPublished : Oct. 31, 2024, 3:15 p.m. | 34\u00a0minutes ago \nDescription : A vulnerability was found in Foreman's loader macros introduced with report templates. These macros may allow an authenticated user with permissions to view and create templates to read any field from Foreman's database. By using specific strings in the loader macros, users can bypass permissions and access sensitive information. \nSeverity: 6.3 | MEDIUM \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"31 Oct 2024\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2024-10-31T16:56:34.000000Z"}]}