CVE-2022-43873

An authenticated user can exploit a vulnerability in the IBM Spectrum Virtualize 8.2, 8.3, 8.4, and 8.5 GUI to execute code and escalate their privilege on the system. IBM X-Force ID: 239847...

Code injection

IBM Spectrum Virtualize 8.3, 8.4, and 8.5 could disclose SNMPv3 server credentials to an authenticated user in log files. IBM X-Force ID: 239540...

Code injection

An authenticated user can exploit a vulnerability in the IBM Spectrum Virtualize 8.2, 8.3, 8.4, and 8.5 GUI to execute code and escalate their privilege on the system. IBM X-Force ID: 239847...

CVE-2022-43873

CVE-2022-43873 affects IBM Spectrum Virtualize GUI (versions 8.2–8.5). An authenticated user can execute code and escalate privileges on the system due to a GUI vulnerability. IBM and Red Hat attest to a privilege-escalation impact with a CVSS-derived high/medium range and list concrete remediati...

CVE-2022-43873 IBM Spectrum Virtualize privilege escalation

An authenticated user can exploit a vulnerability in the IBM Spectrum Virtualize 8.2, 8.3, 8.4, and 8.5 GUI to execute code and escalate their privilege on the system. IBM X-Force ID: 239847...

CVE-2022-43870

IBM Spectrum Virtualize 8.3–8.5 contains a vulnerability where SNMPv3 server credentials can be disclosed to an authenticated user via log files. Root cause: credentials logged in plaintext in system/audit logs accessible to authenticated users. Impact: confidentiality of SNMPv3 credentials could...

CVE-2022-43870 IBM Spectrum Virtualize information disclosure

IBM Spectrum Virtualize 8.3, 8.4, and 8.5 could disclose SNMPv3 server credentials to an authenticated user in log files. IBM X-Force ID: 239540...

CVE-2022-43870 IBM Spectrum Virtualize information disclosure

IBM Spectrum Virtualize 8.3, 8.4, and 8.5 could disclose SNMPv3 server credentials to an authenticated user in log files. IBM X-Force ID: 239540...

IBM Spectrum Virtualize 安全漏洞

IBM Spectrum Virtualize is a block storage virtualization system from International Business Machines IBM, Inc. that improves the data value, security, and simplicity of new and existing storage infrastructures. A security vulnerability exists in IBM Spectrum Virtualize versions 8.2, 8.3, 8.4, an...

IBM Spectrum Virtualize 日志信息泄露漏洞

IBM Spectrum Virtualize is a block storage virtualization system from International Business Machines IBM, Inc. that improves the data value, security, and simplicity of new and existing storage infrastructures. A log information disclosure vulnerability exists in IBM Spectrum Virtualize versions...

IBM Spectrum Virtualize Information Disclosure Vulnerability

IBM Spectrum Virtualize, a block storage virtualization system from International Business Machines IBM, Inc. It improves data value, security and simplicity for new and existing storage infrastructures. IBM Spectrum Virtualize 8.5, 8.4, 8.3, 8.2 and 7.8 have an information disclosure vulnerabili...

PT-2023-6698 · Ibm · Ibm Spectrum Virtualize

Name of the Vulnerable Software and Affected Versions: IBM Spectrum Virtualize versions 8.2 through 8.5 Description: The issue is related to insufficient protection of internal data in the graphical user interface of the software, which can be exploited by an authenticated user to execute arbitra...

PT-2023-6700 · Ibm · Ibm Spectrum Virtualize

Name of the Vulnerable Software and Affected Versions: IBM Spectrum Virtualize versions 8.3 through 8.5 Description: The issue is related to the disclosure of SNMPv3 server credentials through log files. This could allow a remote attacker to gain unauthorized access to protected information. The...

CVE-2022-39167

IBM Spectrum Virtualize 8.5, 8.4, 8.3, 8.2, and 7.8, under certain configurations, could disclose sensitive information to an attacker using man-in-the-middle techniques. IBM X-Force ID: 235408...

CVE-2022-39167

IBM Spectrum Virtualize 8.5, 8.4, 8.3, 8.2, and 7.8, under certain configurations, could disclose sensitive information to an attacker using man-in-the-middle techniques. IBM X-Force ID: 235408...

Code injection

IBM Spectrum Virtualize 8.5, 8.4, 8.3, 8.2, and 7.8, under certain configurations, could disclose sensitive information to an attacker using man-in-the-middle techniques. IBM X-Force ID: 235408...

CVE-2022-39167 IBM Spectrum Virtualize information disclosure

IBM Spectrum Virtualize 8.5, 8.4, 8.3, 8.2, and 7.8, under certain configurations, could disclose sensitive information to an attacker using man-in-the-middle techniques. IBM X-Force ID: 235408...

CVE-2022-39167

CVE-2022-39167 affects IBM Spectrum Virtualize versions 7.8, 8.2–8.5. Under certain configurations, it could disclose sensitive information to an attacker via man-in-the-middle techniques. The NVD/NVDA-derived score is CVSS v3.1 base 5.9 (MEDIUM), with network access, high attack complexity, and ...

CVE-2022-39167 IBM Spectrum Virtualize information disclosure

IBM Spectrum Virtualize 8.5, 8.4, 8.3, 8.2, and 7.8, under certain configurations, could disclose sensitive information to an attacker using man-in-the-middle techniques. IBM X-Force ID: 235408...

IBM Spectrum Virtualize 信息泄露漏洞

IBM Spectrum Virtualize, a block storage virtualization system from International Business Machines IBM, Inc. It improves data value, security and simplicity for new and existing storage infrastructures. IBM Spectrum Virtualize 8.5, 8.4, 8.3, 8.2 and 7.8 have an information disclosure vulnerabili...