8 matches found
CVE-2023-25681
LDAP users on IBM Spectrum Virtualize 8.5 which are configured to require multifactor authentication can still authenticate to the CIM interface using only username and password. This does not affect local users with MFA configured or remote users authenticating via single sign-on. IBM X-Force ID...
EUVD-2023-29596
Malicious code in bioql PyPI...
CVE-2023-25681
LDAP users on IBM Spectrum Virtualize 8.5 which are configured to require multifactor authentication can still authenticate to the CIM interface using only username and password. This does not affect local users with MFA configured or remote users authenticating via single sign-on. IBM X-Force ID...
Default credentials
LDAP users on IBM Spectrum Virtualize 8.5 which are configured to require multifactor authentication can still authenticate to the CIM interface using only username and password. This does not affect local users with MFA configured or remote users authenticating via single sign-on. IBM X-Force ID...
CVE-2023-25681 IBM Spectrum Virtualize security bypass
LDAP users on IBM Spectrum Virtualize 8.5 which are configured to require multifactor authentication can still authenticate to the CIM interface using only username and password. This does not affect local users with MFA configured or remote users authenticating via single sign-on. IBM X-Force ID...
CVE-2023-25681 IBM Spectrum Virtualize security bypass
LDAP users on IBM Spectrum Virtualize 8.5 which are configured to require multifactor authentication can still authenticate to the CIM interface using only username and password. This does not affect local users with MFA configured or remote users authenticating via single sign-on. IBM X-Force ID...
PT-2024-12068 · Ibm · Ibm Spectrum Virtualize
Name of the Vulnerable Software and Affected Versions: IBM Spectrum Virtualize version 8.5 Description: The issue allows LDAP users configured to require multifactor authentication to authenticate to the CIM interface using only a username and password. This does not affect local users with MFA...
Security Bulletin: MFA may be bypassed for LDAP users in IBM SAN Volume Controller, IBM Storwize, IBM Spectrum Virtualize and IBM FlashSystem products
Summary LDAP users which are configured to require Multifactor Authentication MFA can still authenticate to the Common Information Model CIM interface using only username and password, which will allow them to perform a subset of configuration actions described here:...