{"vulnerability": "CVE-2023-2786", "sightings": [{"uuid": "011aea8c-6a79-4a8e-af27-6cf654f1d771", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-27861", "type": "seen", "source": "https://t.me/DarkWebInformer_CVEAlerts/743", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2023-27861\n\ud83d\udd39 Description: IBM Maximo Application Suite - Manage Component 8.8.0 and 8.9.0 transmits sensitive information in cleartext that could be intercepted by an attacker using man in the middle techniques.  IBM X-Force ID:  249208.\n\ud83d\udccf Published: 2023-06-05T00:23:57.700Z\n\ud83d\udccf Modified: 2025-01-08T16:49:13.737Z\n\ud83d\udd17 References:\n1. https://www.ibm.com/support/pages/node/6999917\n2. https://exchange.xforce.ibmcloud.com/vulnerabilities/249208", "creation_timestamp": "2025-01-08T17:15:38.000000Z"}, {"uuid": "1cde561f-43d1-405f-8a21-84be6d5b027d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-27863", "type": "seen", "source": "https://t.me/cibsecurity/64054", "content": "\u203c CVE-2023-27863 \u203c\n\nIBM Spectrum Protect Plus Server 10.1.13, under specific configurations, could allow an elevated user to obtain SMB credentials that may be used to access vSnap data stores. IBM X-Force ID: 249325.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-05-12T22:27:07.000000Z"}, {"uuid": "b713d029-b77e-47d0-994d-19a86f6d3a16", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-27866", "type": "seen", "source": "https://t.me/cibsecurity/65634", "content": "\u203c CVE-2023-27866 \u203c\n\nIBM Informix JDBC Driver 4.10 and 4.50 is susceptible to remote code execution attack via JNDI injection when driver code or the application using the driver do not verify supplied LDAP URL in Connect String. IBM X-Force ID: 249511.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-06-28T20:13:03.000000Z"}, {"uuid": "7a5b5d3d-9efb-4e15-a5ae-cf3ace928e79", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-27860", "type": "seen", "source": "https://t.me/cibsecurity/63003", "content": "\u203c CVE-2023-27860 \u203c\n\nIBM Maximo Asset Management 7.6.1.2 and 7.6.1.3 could disclose sensitive information in an error message. This information could be used in further attacks against the system. IBM X-Force ID: 249207.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-04-27T22:26:44.000000Z"}, {"uuid": "e30524e9-3623-4b07-a3d0-e007cfa38bb7", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-2786", "type": "seen", "source": "https://t.me/cibsecurity/65295", "content": "\u203c CVE-2023-2786 \u203c\n\nMattermost fails to properly check the\u00c2\u00a0permissions when executing commands allowing a member with no permissions\u00c2\u00a0to post a message in a channel to actually post it by executing channel commands.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-06-16T12:27:30.000000Z"}]}