Ibm: >> Spectrum Virtualize >> 8.5.0.0 Security Vulnerabilities
LDAP users on IBM Spectrum Virtualize 8.5 which are configured to require multifactor authentication can still authenticate to the CIM interface using only username and password. This does not affect local users with MFA configured or remote users authenticating via single sign-on. IBM X-Force ID: 247033.
CVSS Score
5.3
EPSS Score
0.0
Published
2024-03-05
IBM Spectrum Virtualize 8.3, 8.4, and 8.5 could disclose SNMPv3 server credentials to an authenticated user in log files. IBM X-Force ID: 239540.
CVSS Score
6.5
EPSS Score
0.001
Published
2023-02-22
An authenticated user can exploit a vulnerability in the IBM Spectrum Virtualize 8.2, 8.3, 8.4, and 8.5 GUI to execute code and escalate their privilege on the system. IBM X-Force ID: 239847.
CVSS Score
6.3
EPSS Score
0.001
Published
2023-02-22
IBM Spectrum Virtualize 8.5, 8.4, 8.3, 8.2, and 7.8, under certain configurations, could disclose sensitive information to an attacker using man-in-the-middle techniques. IBM X-Force ID: 235408.
CVSS Score
5.9
EPSS Score
0.001
Published
2023-01-19