CVE-2025-69270

Critical

Information Exposure Through Query Strings in GET Request vulnerability in Broadcom DX NetOps Spectrum on Windows, Linux allows Session…

ca·CWE-598·Published 2026-01-12

CVSS

9.8

EPSS

0.00

KEV

Exploits

Vendor statements (1)

support.broadcom.com

cve.orgen

204 chars

Information Exposure Through Query Strings in GET Request vulnerability in Broadcom DX NetOps Spectrum on Windows, Linux allows Session Hijacking.This issue affects DX NetOps Spectrum: 24.3.8 and earlier.

NVDes

236 chars

Exposición de información a través de cadenas de consulta en solicitudes GET vulnerabilidad en Broadcom DX NetOps Spectrum en Windows, Linux permite el secuestro de sesión. Este problema afecta a DX NetOps Spectrum: 24.3.8 y anteriores.

CVSS metrics across sources

Version	Type	Source	Base	Exp	Impact	Vector
3.1	Primary	NVD	9.8	3.9	5.9	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
4.0	Primary	cve.org	2.3	—	—	CVSS:4.0/AV:N/AC:L/AT:P/PR:L/UI:N/VC:L/VI:L/VA:L/SC:L/SI:L/SA:L
4.0	Secondary	NVD	2.3	—	—	CVSS:4.0/AV:N/AC:L/AT:P/PR:L/UI:N/VC:L/VI:L/VA:L/SC:L/SI:L/SA:L/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X