Vulnerabilities > CVE-2023-27870 - Information Exposure Through Discrepancy vulnerability in IBM Spectrum Virtualize 8.5

CVSS 5.9 - MEDIUM

Attack vector

NETWORK

Attack complexity

HIGH

Privileges required

NONE

Confidentiality impact

HIGH

Integrity impact

NONE

Availability impact

NONE

network

high complexity

ibm

CWE-203

NVD

Published: 2023-05-11

Updated: 2025-01-24

Summary

IBM Spectrum Virtualize 8.5, under certain circumstances, could disclose sensitive credential information while a download from Fix Central is in progress. IBM X-Force ID: 249518.

Vulnerable Configurations

Part	Description	Count
Application	Ibm IBM Spectrum Virtualize 8.5	1

Common Weakness Enumeration (CWE)

CWE-203 - Information Exposure Through Discrepancy

References

https://exchange.xforce.ibmcloud.com/vulnerabilities/249518
https://exchange.xforce.ibmcloud.com/vulnerabilities/249518
https://www.ibm.com/support/pages/node/6985697
https://www.ibm.com/support/pages/node/6985697