CVE-2023-36406 – Windows Hyper-V Information Disclosure Vulnerability
https://notcve.org/view.php?id=CVE-2023-36406
Windows Hyper-V Information Disclosure Vulnerability Vulnerabilidad de divulgación de información de Windows Hyper-V. • https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-36406 • CWE-20: Improper Input Validation •
CVE-2023-36043 – Open Management Infrastructure Information Disclosure Vulnerability
https://notcve.org/view.php?id=CVE-2023-36043
Open Management Infrastructure Information Disclosure Vulnerability Vulnerabilidad de divulgación de información en Open Management Infrastructure. • https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-36043 • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor CWE-668: Exposure of Resource to Wrong Sphere •
CVE-2023-36052 – Azure CLI REST Command Information Disclosure Vulnerability
https://notcve.org/view.php?id=CVE-2023-36052
Azure CLI REST Command Information Disclosure Vulnerability Vulnerabilidad de divulgación de información del comando REST de la CLI de Azure. • https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-36052 • CWE-359: Exposure of Private Personal Information to an Unauthorized Actor •
CVE-2023-36428 – Microsoft Local Security Authority Subsystem Service Information Disclosure Vulnerability
https://notcve.org/view.php?id=CVE-2023-36428
Microsoft Local Security Authority Subsystem Service Information Disclosure Vulnerability Vulnerabilidad de divulgación de información del servicio del subsistema de la autoridad de seguridad local de Microsoft. • https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-36428 • CWE-125: Out-of-bounds Read •
CVE-2023-42480 – Information Disclosure in NetWeaver AS Java Logon
https://notcve.org/view.php?id=CVE-2023-42480
The unauthenticated attacker in NetWeaver AS Java Logon application - version 7.50, can brute force the login functionality to identify the legitimate user ids. This will have an impact on confidentiality but there is no other impact on integrity or availability. El atacante no autenticado en la aplicación NetWeaver AS Java Logon versión 7.50 puede forzar la funcionalidad de inicio de sesión para identificar los ID de usuario legítimos. Esto tendrá un impacto en la confidencialidad, pero no hay ningún otro impacto en la integridad o disponibilidad. • https://me.sap.com/notes/3366410 https://www.sap.com/documents/2022/02/fa865ea4-167e-0010-bca6-c68f7e60039b.html • CWE-307: Improper Restriction of Excessive Authentication Attempts •