CVSS: 6.2EPSS: 0%CPEs: 10EXPL: 0CVE-2023-28514 – IBM MQ information disclosure
https://notcve.org/view.php?id=CVE-2023-28514
IBM MQ 8.0, 9.0, and 9.1 could allow a local user to obtain sensitive credential information when a detailed technical error message is returned in a stack trace. IBM X-Force ID: 250398. • https://exchange.xforce.ibmcloud.com/vulnerabilities/250398 https://www.ibm.com/support/pages/node/6985835 • CWE-209: Generation of Error Message Containing Sensitive Information •
CVSS: 5.4EPSS: 0%CPEs: 7EXPL: 0CVE-2023-22791 – Aruba InstantOS and ArubaOS 10 Sensitive Information Disclosure
https://notcve.org/view.php?id=CVE-2023-22791
A vulnerability exists in Aruba InstantOS and ArubaOS 10 where an edge-case combination of network configuration, a specific WLAN environment and an attacker already possessing valid user credentials on that WLAN can lead to sensitive information being disclosed via the WLAN. The scenarios in which this disclosure of potentially sensitive information can occur are complex and depend on factors that are beyond the control of the attacker. • https://www.arubanetworks.com/assets/alert/ARUBA-PSA-2023-006.txt •
CVSS: 8.8EPSS: 0%CPEs: 7EXPL: 0CVE-2023-22790 – Authenticated Remote Command Execution in Aruba InstantOS or ArubaOS 10 Command Line Interface
https://notcve.org/view.php?id=CVE-2023-22790
Multiple authenticated command injection vulnerabilities exist in the Aruba InstantOS and ArubaOS 10 command line interface. Successful exploitation of these vulnerabilities result in the ability to execute arbitrary commands as a privileged user on the underlying operating system. • https://www.arubanetworks.com/assets/alert/ARUBA-PSA-2023-006.txt • CWE-77: Improper Neutralization of Special Elements used in a Command ('Command Injection') •
CVSS: 8.8EPSS: 0%CPEs: 7EXPL: 0CVE-2023-22789 – Authenticated Remote Command Execution in Aruba InstantOS or ArubaOS 10 Command Line Interface
https://notcve.org/view.php?id=CVE-2023-22789
Multiple authenticated command injection vulnerabilities exist in the Aruba InstantOS and ArubaOS 10 command line interface. Successful exploitation of these vulnerabilities result in the ability to execute arbitrary commands as a privileged user on the underlying operating system. • https://www.arubanetworks.com/assets/alert/ARUBA-PSA-2023-006.txt • CWE-77: Improper Neutralization of Special Elements used in a Command ('Command Injection') •
CVSS: 8.8EPSS: 0%CPEs: 7EXPL: 0CVE-2023-22788 – Authenticated Remote Command Execution in Aruba InstantOS or ArubaOS 10 Command Line Interface
https://notcve.org/view.php?id=CVE-2023-22788
Multiple authenticated command injection vulnerabilities exist in the Aruba InstantOS and ArubaOS 10 command line interface. Successful exploitation of these vulnerabilities result in the ability to execute arbitrary commands as a privileged user on the underlying operating system. • https://www.arubanetworks.com/assets/alert/ARUBA-PSA-2023-006.txt • CWE-77: Improper Neutralization of Special Elements used in a Command ('Command Injection') •