Information Exposure in Broadcom DX NetOps Spectrum Leading to Session Hijacking
CVE-2025-69270
2.3 LOW
What is CVE-2025-69270?
The vulnerability in Broadcom DX NetOps Spectrum allows unauthorized access to sensitive session information through poorly secured query strings in GET requests. This exposure can lead to session hijacking, where an attacker can manipulate or impersonate legitimate users. Affected versions up to 24.3.8 on both Windows and Linux platforms are at risk, necessitating immediate attention and remediation.
Affected Version(s)
DX NetOps Spectrum Windows 24.3.8 and earlier
DX NetOps Spectrum Windows 24.3.9 and later
CVSS V4
Score: 2.3
Severity: LOW
Confidentiality: Low
Integrity: Low
Availability: Low
Attack Vector: Network
Attack Complexity: Low
Attack Required: Physical
Privileges Required: Undefined
User Interaction: None
Timeline
Vulnerability published
Vulnerability Reserved
Credit
Jean-Michel Huguet and Jorge Escabias from NATO Cyber Security Centre