IBM Spectrum Virtualize
By the Year
In 2024 there have been 0 vulnerabilities in IBM Spectrum Virtualize . Last year Spectrum Virtualize had 4 security vulnerabilities published. Right now, Spectrum Virtualize is on track to have less security vulnerabilities in 2024 than it did last year.
Year | Vulnerabilities | Average Score |
---|---|---|
2024 | 0 | 0.00 |
2023 | 4 | 7.18 |
2022 | 1 | 9.80 |
2021 | 1 | 8.10 |
2020 | 0 | 0.00 |
2019 | 0 | 0.00 |
2018 | 0 | 0.00 |
It may take a day or so for new Spectrum Virtualize vulnerabilities to show up in the stats or in the list of recent security vulnerabilties. Additionally vulnerabilities may be tagged under a different product or component name.
Recent IBM Spectrum Virtualize Security Vulnerabilities
IBM Spectrum Virtualize 8.5, under certain circumstances, could disclose sensitive credential information while a download
CVE-2023-27870
7.5 - High
- May 11, 2023
IBM Spectrum Virtualize 8.5, under certain circumstances, could disclose sensitive credential information while a download from Fix Central is in progress. IBM X-Force ID: 249518.
Information Disclosure
An authenticated user
CVE-2022-43873
8.8 - High
- February 22, 2023
An authenticated user can exploit a vulnerability in the IBM Spectrum Virtualize 8.2, 8.3, 8.4, and 8.5 GUI to execute code and escalate their privilege on the system. IBM X-Force ID: 239847.
IBM Spectrum Virtualize 8.3, 8.4, and 8.5 could disclose SNMPv3 server credentials to an authenticated user in log files
CVE-2022-43870
6.5 - Medium
- February 22, 2023
IBM Spectrum Virtualize 8.3, 8.4, and 8.5 could disclose SNMPv3 server credentials to an authenticated user in log files. IBM X-Force ID: 239540.
Insertion of Sensitive Information into Log File
IBM Spectrum Virtualize 8.5
CVE-2022-39167
5.9 - Medium
- January 19, 2023
IBM Spectrum Virtualize 8.5, 8.4, 8.3, 8.2, and 7.8, under certain configurations, could disclose sensitive information to an attacker using man-in-the-middle techniques. IBM X-Force ID: 235408.
IBM Spectrum Virtualize 8.2, 8.3, and 8.4 could
CVE-2021-38969
9.8 - Critical
- May 11, 2022
IBM Spectrum Virtualize 8.2, 8.3, and 8.4 could allow an attacker to allow unauthorized access due to the reuse of support generated credentials. IBM X-Force ID: 212609.
Use of Hard-coded Credentials
IBM Flash System 900 could allow an authenticated attacker to obtain sensitive information
CVE-2021-29873
8.1 - High
- October 21, 2021
IBM Flash System 900 could allow an authenticated attacker to obtain sensitive information and cause a denial of service due to a restricted shell escape vulnerability. IBM X-Force ID: 206229.
Stay on top of Security Vulnerabilities
Want an email whenever new vulnerabilities are published for IBM San Volume Controller Firmware or by IBM? Click the Watch button to subscribe.