CVE-2025-69271

CWE-522 — Insufficiently Protected Credentials3 documents3 sources

Severity

2.3LOW

EPSS

0.0%

top 84.72%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

Broadcom DX Netops Spectrum

Timeline

PublishedJan 12

Description

Insufficiently Protected Credentials vulnerability in Broadcom DX NetOps Spectrum on Windows, Linux allows Sniffing Attacks.This issue affects DX NetOps Spectrum: 24.3.13 and earlier.

CVSS vector

CVSS:4.0/AV:N/AC:L/AT:P/PR:L/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N

Affected Packages2 packages

▶NVDbroadcom/dx_netops_spectrum< 25.4.1

▶CVEListV5broadcom/dx_netops_spectrum24.3.13 and earlier

🔴Vulnerability Details

GHSA

GHSA-pm3g-p264-jq6h: Insufficiently Protected Credentials vulnerability in Broadcom DX NetOps Spectrum on Windows, Linux allows Sniffing Attacks↗2026-01-12

▶

CVEList

Spectrum basic authentication in use↗2026-01-12

▶