167 matches found
Security Bulletin: IBM Storage Defender: Data Protect critical vulnerabilities resolved in release Defender 2.1.4/Data Protect 7.4
Summary IBM Storage Defender: Data Protect critical vulnerabilities resolved in release Defender 2.1.4/Data Protect 7.4. The vulnerabilities have been addressed in Data Protect 7.4, which is included in IBM Storage Defender 2.1.4 Vulnerability Details CVEID:CVE-2021-45960 DESCRIPTION: In Expat ak...
Security Bulletin: Vulnerabilities in Spring WebFlux, Jenkins, Spring Securiy, Spring Framework, and Node.js lodash might affect IBM Storage Defender Copy Data Management.
Summary IBM Storage Defender Copy Data Management can be affected by vulnerabilities in Spring WebFlux, Jenkins, Spring Securiy, Spring Framework, and Node.js lodash. Vulnerabilities include an attacker, local attacker, remote attacker and authenticated attacker could exploit these vulnerabilitie...
Security Bulletin: Vulnerabilities in Apache Tomcat might affect IBM Storage Defender Copy Data Management
Summary IBM Storage Defender Copy Data Management can be affected by vulnerabilities in Apache Tomcat. Vulnerabilities include Insertion of Sensitive Information into Log File vulnerability in the cloud membership for clustering component of Apache Tomcat exposed the Kubernetes bearer token and...
Security Bulletin: Vulnerabilities in Apache Tomcat and Lodash might affect IBM Storage Defender Copy Data Management
Summary IBM Storage Defender Copy Data Management can be affected by vulnerabilities in Apache Tomcat and Lodash. Vulnerabilities include Improper Input Validation vulnerability in Apache Tomcat, Inconsistent Interpretation of HTTP Requests 'HTTP Request/Response Smuggling' vulnerability in Apach...
Security Bulletin: Vulnerabilities in Apache Tomcat and hoek might affect IBM Storage Defender Copy Data Management
Summary IBM Storage Defender Copy Data Management can be affected by vulnerabilities in Apache Tomcat and hoek. Vulnerabilities include Relative Path Traversal vulnerability in Apache Tomcat, Improper Neutralization of Escape, Meta, or Control Sequences vulnerability in Apache Tomcat, Improper...
Security Bulletin: Vulnerabilities in urllib3, router, qs, cryptography, axios might affect IBM Storage Defender Sentinel Anomaly Scan Engine.
Summary IBM Storage Defender Sentinel Anomaly Scan Engine can be affected by vulnerabilities in urllib3, router, qs, cryptography, and axios. Vulnerabilities include allowing an attacker to cause cross-site scripting, input improper data, provide a public key point from a small order subgroup, an...
Security Bulletin: Vulnerabilities in lodash, qs might affect IBM Storage Defender Sentinel Anomaly Scan Engine.
Summary IBM Storage Defender Sentinel Anomaly Scan Engine can be affected by vulnerabilities in lodash, qs, and react-router. Vulnerabilities include allowing an attacker to cause improper modification of object attributes, open redirect, and denial of service. More details are described by the...
Security Bulletin: Vulnerabilities in Glob might affect IBM Storage Defender Copy Data Management
Summary IBM Storage Defender Copy Data Management can be affected by vulnerabilities in Glob. The glob CLI contains a command injection vulnerability in its -c/--cmd option that allows arbitrary command execution when processing files with malicious names as described by the CVEs in the...
Security Bulletin: File permission modification, improper access control, and other vulnerabilities might affect IBM Storage Defender - Resiliency Service
Summary IBM Storage Defender - Resiliency Service is vulnerable to file permission modification, improper access control, and others. The vulnerabilities have been addressed. Vulnerability Details CVEID:CVE-2026-24049 DESCRIPTION: wheel is a command line tool for manipulating Python wheel files, ...
CVE-2023-50963
IBM Storage Defender - Data Protect 1.0.0 through 1.4.1 is vulnerable to HTTP header injection, caused by improper validation of input by the HOST headers. This could allow an attacker to conduct various attacks against the vulnerable system, including cross-site scripting, cache poisoning or...
CVE-2023-50957
IBM Storage Defender - Resiliency Service 2.0 could allow a privileged user to perform unauthorized actions after obtaining encrypted data from clear text key storage. IBM X-Force ID: 275783...
Security Bulletin: Vulnerabilities in smarty and axios might affect IBM Storage Defender Sentinel Anomaly Scan Engine.
Summary IBM Storage Defender Sentinel Anomaly Scan Engine can be affected by vulnerabilities in smarty and axios. Vulnerabilities include allowing an attacker to inject malicious scripts into a Web page and steal cookie-based authentication credentials, execute arbitrary code on the system, and...
Security Bulletin: IBM Storage Defender: Data Protect critical vulnerabilities resolved in release Defender 2.1.0/Data Protect 7.3
Summary IBM Storage Defender: Data Protect critical vulnerabilities resolved in release Defender 2.1.0/Data Protect 7.3. The vulnerabilities have been addressed in Data Protect 7.3, which is included in IBM Storage Defender 2.1.0 Vulnerability Details CVEID:CVE-2025-20260 DESCRIPTION: A...
CVE-2025-64650
IBM Storage Defender - Resiliency Service 2.0.0 through 2.0.18 could disclose sensitive user credentials in log files...
EUVD-2025-201832
IBM Storage Defender - Resiliency Service 2.0.0 through 2.0.18 could disclose sensitive user credentials in log files...
CVE-2025-64650
IBM Storage Defender - Resiliency Service 2.0.0 through 2.0.18 could disclose sensitive user credentials in log files...
CVE-2025-64650
IBM Storage Defender - Resiliency Service 2.0.0 through 2.0.18 could disclose sensitive user credentials in log files...
CVE-2025-64650 IBM Storage Defender - Resiliency Service Information Disclosure
IBM Storage Defender - Resiliency Service 2.0.0 through 2.0.18 could disclose sensitive user credentials in log files...
CVE-2025-64650 IBM Storage Defender - Resiliency Service Information Disclosure
IBM Storage Defender - Resiliency Service 2.0.0 through 2.0.18 could disclose sensitive user credentials in log files...
CVE-2025-64650
CVE-2025-64650 affects IBM Storage Defender - Resiliency Service for versions 2.0.0–2.0.18, with a disclosed vulnerability where sensitive user credentials could be exposed in log files. The issue is documented across multiple sources (IBM Security Bulletin and Red Hat/EU ENISA entries) and is ti...