CVE-2022-43870

Name of the Vulnerable Software and Affected Versions IBM Spectrum Virtualize versions 8.3 through 8.5

Description The issue is related to the disclosure of SNMPv3 server credentials through log files. This could allow a remote attacker to gain unauthorized access to protected information. The estimated number of potentially affected devices worldwide is not specified.

Recommendations For IBM Spectrum Virtualize versions 8.3 through 8.5, consider restricting access to log files to minimize the risk of exploitation. As a temporary workaround, limit the privileges of authenticated users who can access these log files until a patch is available. At the moment, there is no information about a newer version that contains a fix for this vulnerability.