CVE-2023-50956

IBM Storage Defender - Resiliency Service 2.0.0 through 2.0.9 could allow a privileged user to obtain highly sensitive user credentials from secret keys that are stored in clear text...

CVE-2024-52361 IBM Storage Defender - Resiliency Service information disclosure

IBM Storage Defender - Resiliency Service 2.0.0 through 2.0.9 stores user credentials in plain text which can be read by an authenticated user with access to the pod...

CVE-2024-52361 IBM Storage Defender - Resiliency Service information disclosure

IBM Storage Defender - Resiliency Service 2.0.0 through 2.0.9 stores user credentials in plain text which can be read by an authenticated user with access to the pod...

CVE-2024-52361

The CVE-2024-52361 entry concerns IBM Storage Defender – Resiliency Service versions 2.0.0–2.0.9, where user credentials are stored in plain text reachable by an authenticated user with pod access. This information disclosure is confirmed by multiple sources (IBM Security Bulletin and CVE records...

CVE-2023-50956

IBM Storage Defender – Resiliency Service 2.0.0–2.0.9 exposes highly sensitive credentials due to secret keys stored in clear text. The CVE-2023-50956 entry notes privilege escalation risk for a privileged user with HIGH privileges and potential confidentiality impact. IBM’s remediation requires ...

CVE-2023-50956 IBM Storage Defender - Resiliency Service information disclosure

IBM Storage Defender - Resiliency Service 2.0.0 through 2.0.9 could allow a privileged user to obtain highly sensitive user credentials from secret keys that are stored in clear text...

CVE-2023-50956 IBM Storage Defender - Resiliency Service information disclosure

IBM Storage Defender - Resiliency Service 2.0.0 through 2.0.9 could allow a privileged user to obtain highly sensitive user credentials from secret keys that are stored in clear text...

CVE-2024-47119

IBM Storage Defender – Resiliency Service versions 2.0.0–2.0.9 do not properly validate certificates, allowing an attacker to spoof a trusted entity by interfering with the communication path between the host and client. Affected product/version: IBM Storage Defender - Resiliency Service 2.0.0–2....

CVE-2024-47119 IBM Storage Defender - Resiliency Service improper certificate validation

IBM Storage Defender - Resiliency Service 2.0.0 through 2.0.9 does not properly validate a certificate which could allow an attacker to spoof a trusted entity by interfering in the communication path between the host and client...

CVE-2024-47119 IBM Storage Defender - Resiliency Service improper certificate validation

IBM Storage Defender - Resiliency Service 2.0.0 through 2.0.9 does not properly validate a certificate which could allow an attacker to spoof a trusted entity by interfering in the communication path between the host and client...

IBM Storage Defender 安全漏洞

IBM Storage Defender is a solution from International Business Machines IBM that provides end-to-end data resiliency. A plaintext transfer vulnerability exists in IBM Storage Defender versions 2.0.0 through 2.0.9, which stems from the presence of keys stored in plaintext and can be exploited by a...

PT-2024-32414 · Ibm · Ibm Storage Defender - Resiliency Service

Name of the Vulnerable Software and Affected Versions: IBM Storage Defender - Resiliency Service versions 2.0.0 through 2.0.9 Description: The issue is related to the improper validation of a certificate, which could allow an attacker to spoof a trusted entity by interfering in the communication...

IBM Storage Defender 信任管理问题漏洞

IBM Storage Defender is a solution from International Business Machines IBM that provides end-to-end data resiliency. A trust management issue vulnerability exists in IBM Storage Defender versions 2.0.0 through 2.0.9, which stems from the resiliency service not properly validating certificates, a...

PT-2024-14027 · Ibm · Ibm Storage Defender - Resiliency Service

Name of the Vulnerable Software and Affected Versions: IBM Storage Defender - Resiliency Service versions 2.0.0 through 2.0.9 Description: The issue could allow a privileged user to obtain highly sensitive user credentials from secret keys that are stored in clear text. Recommendations: For...

IBM Storage Defender 安全漏洞

IBM Storage Defender is a solution from International Business Machines IBM that provides end-to-end data resiliency. A security vulnerability exists in IBM Storage Defender versions 2.0.0 through 2.0.9, which stems from the presence of user credentials stored in plain text that can be read by an...

PT-2024-35204 · Ibm · Ibm Storage Defender - Resiliency Service

Name of the Vulnerable Software and Affected Versions: IBM Storage Defender - Resiliency Service versions 2.0.0 through 2.0.9 Description: The issue concerns the storage of user credentials in plain text, which can be accessed by an authenticated user with access to the pod. This allows potential...

Microsoft Defender Input Validation Error Vulnerability

Microsoft Defender is a threat protection software from Microsoft USA. A security vulnerability exists in Microsoft Defender. The vulnerability is exploited by attackers to perform spoofing attacks...

CVE-2024-49071

Improper authorization of an index that contains sensitive information from a Global Files search in Windows Defender allows an authorized attacker to disclose information over a network...

CVE-2024-49071 Windows Defender Information Disclosure Vulnerability

...

CVE-2024-49071

CVE-2024-49071 affects Microsoft Windows Defender (Windows Defender/Defender for Endpoint for Windows). The underlying issue is improper authorization of an index containing sensitive information from a Global Files search, which could allow an authorized attacker to disclose information over a n...