CVE-2023-43042: IBM Storage Virtualize information disclosure
First published: Thu Dec 14 2023(Updated: )
IBM SAN Volume Controller, IBM Storwize, IBM FlashSystem and IBM Storage Virtualize 8.3 products use default passwords for a privileged user. IBM X-Force ID: 266874.
Credit: psirt@us.ibm.com
| Affected Software | Affected Version | How to fix |
|---|---|---|
| IBM Spectrum Virtualize | =8.3 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
Frequently Asked Questions
What is the severity of CVE-2023-43042?
CVE-2023-43042 has a high severity rating due to the use of default passwords for privileged users.
How do I fix CVE-2023-43042?
To fix CVE-2023-43042, you should change the default passwords for all privileged accounts in the affected IBM products.
Which IBM products are affected by CVE-2023-43042?
CVE-2023-43042 affects IBM SAN Volume Controller, IBM Storwize, IBM FlashSystem, and IBM Storage Virtualize 8.3.
What potential risks are associated with CVE-2023-43042?
The risks associated with CVE-2023-43042 include unauthorized access to sensitive information and potential control over storage systems.
When was CVE-2023-43042 disclosed?
CVE-2023-43042 was disclosed as part of IBM's efforts to enhance security for their storage products.
- collector/mitre-cve
- agent/weakness
- agent/title
- agent/severity
- agent/references
- agent/author
- agent/tags
- agent/type
- agent/event
- agent/description
- agent/last-modified-date
- agent/softwarecombine
- agent/first-publish-date
- collector/nvd-api
- agent/software-canonical-lookup-request
- vendor/ibm
- canonical/ibm spectrum virtualize
- version/ibm spectrum virtualize/8.3