Lucene search
K

169 matches found

IBM Security Bulletins
IBM Security Bulletins
added 2024/11/26 9:10 p.m.16 views

Security Bulletin: Insufficient verification of data authenticity might affect IBM Storage Defender – Resiliency Service

Summary IBM Storage Defender – Resiliency Service is vulnerable to insufficient verification of data authenticity. The vulnerability has been addressed. CVE-2023-37920 Vulnerability Details CVEID:CVE-2023-37920 DESCRIPTION: An unspecified error with the removal of e-Tugra root certificate in...

9.8CVSS6.7AI score0.00468EPSS
Exploits0Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2024/11/11 5:51 p.m.28 views

Security Bulletin: Potential Denial of Service in IBM Storage Defender - Data Protect

Summary IBM Storage Defender - Data Protect is potentially vulnerable to a denial of service attack via CVE-2022-21698. Vulnerability Details CVEID:CVE-2022-21698 DESCRIPTION: Prometheus Go client library clientgolang is vulnerable to a denial of service, caused by a flaw when handling requests...

7.5CVSS7.2AI score0.05994EPSS
Exploits0Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2024/10/18 1:50 a.m.57 views

Security Bulletin: Vulnerabilities in GNU Binutils, Bootstrap, PortSmash, Node.js, and libarchive might affect IBM Storage Defender – Data Protect.

Summary IBM Storage Defender – Data Protect is vulnerable and that can result in denial of service attacks, cross-site scripting, execution of arbitrary code, gaining elevated privileges, low integrity and confidentiality impacts, and the ability to obtain sensitive information. The vulnerabiliti...

9.8CVSS9.8AI score0.05941EPSS
Exploits15Affected Software1
OSV
OSV
added 2024/09/25 1:15 a.m.7 views

CVE-2024-38324

IBM Storage Defender 2.0.0 through 2.0.7 on-prem defender-sensor-cmd CLI does not validate server name during registration and unregistration operations which could expose sensitive information to an attacker with access to the system...

6.5CVSS5.8AI score0.00344EPSS
Exploits0References1
NVD
NVD
added 2024/09/25 1:15 a.m.26 views

CVE-2024-38324

IBM Storage Defender 2.0.0 through 2.0.7 on-prem defender-sensor-cmd CLI does not validate server name during registration and unregistration operations which could expose sensitive information to an attacker with access to the system...

6.5CVSS0.00344EPSS
Exploits0References1
CNNVD
CNNVD
added 2024/09/25 12:0 a.m.4 views

IBM Storage Defender 安全漏洞

IBM Storage Defender is a solution from International Business Machines IBM that provides end-to-end data resiliency. A security vulnerability exists in IBM Storage Defender versions 2.0.0 through 2.0.7, which stems from a failure to validate server names during registration and logout operations...

6.5CVSS6.2AI score0.00344EPSS
Exploits0References2
CVE
CVE
added 2024/09/24 10:24 a.m.60 views

CVE-2024-38324

CVE-2024-38324 affects IBM Storage Defender on‑prem Defender-Sensor-CMD CLI versions 2.0.0–2.0.7. The issue is that the CLI does not validate the server name during registration and unregistration, which could lead to exposure of sensitive information to an attacker with access to the system. Doc...

6.5CVSS5.6AI score0.00344EPSS
Exploits0References1Affected Software1
Cvelist
Cvelist
added 2024/09/24 10:24 a.m.33 views

CVE-2024-38324 IBM Storage Defender improper certificate validation

IBM Storage Defender 2.0.0 through 2.0.7 on-prem defender-sensor-cmd CLI does not validate server name during registration and unregistration operations which could expose sensitive information to an attacker with access to the system...

5.9CVSS0.00344EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2024/09/24 10:24 a.m.31 views

CVE-2024-38324 IBM Storage Defender improper certificate validation

IBM Storage Defender 2.0.0 through 2.0.7 on-prem defender-sensor-cmd CLI does not validate server name during registration and unregistration operations which could expose sensitive information to an attacker with access to the system...

5.9CVSS6.3AI score0.00344EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2024/09/24 12:0 a.m.6 views

PT-2024-27944 · Ibm · Ibm Storage Defender

Name of the Vulnerable Software and Affected Versions: IBM Storage Defender versions 2.0.0 through 2.0.7 Description: The issue concerns the defender-sensor-cmd CLI in IBM Storage Defender, which does not validate the server name during registration and unregistration operations. This could...

6.5CVSS6.6AI score0.00344EPSS
Exploits0References4
IBM Security Bulletins
IBM Security Bulletins
added 2024/09/23 4:44 p.m.29 views

Security Bulletin: Denial of service and SQL injection might affect IBM Storage Defender – Resiliency Service

Summary IBM Storage Defender – Resiliency Service is vulnerable and can result in data confidentiality and service availabilty issues. The vulnerabilities have been addressed. CVE-2024-38325, CVE-2024-41990, CVE-2024-41989, CVE-2024-42005, CVE-2024-42005, CVE-2024-41991, CVE-2024-38324...

9.8CVSS7.7AI score0.01258EPSS
Exploits0Affected Software1
Positive Technologies
Positive Technologies
added 2024/09/23 12:0 a.m.4 views

PT-2024-10413 · Ibm · Ibm Storage Defender

Name of the Vulnerable Software and Affected Versions: IBM Storage Defender versions 2.0.0 through 2.0.7 Description: The issue is related to the IBM Storage Defender's Defender Sensor component, which has incorrect data encryption. This could allow a remote attacker to obtain sensitive informati...

7.5CVSS6.5AI score0.00247EPSS
Exploits0References7
IBM Security Bulletins
IBM Security Bulletins
added 2024/08/26 5:29 p.m.34 views

Security Bulletin: Denial of service and server-side request forgery might affect IBM Storage Defender – Resiliency Service

Summary IBM Storage Defender – Resiliency Service is vulnerable and can result in data confidentiality and service availabilty issues. The vulnerabilities have been addressed. CVE-2024-39249, CVE-2024-39338 Vulnerability Details CVEID:CVE-2024-39249 DESCRIPTION: Async is vulnerable to a denial of...

7.5CVSS7.8AI score0.01414EPSS
Exploits1Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2024/08/22 12:34 a.m.58 views

Security Bulletin: Privilege escalation attack might affect IBM Storage Defender – Data Protect

Summary IBM Storage Defender – Data Protect is vulnerable and can result in data confidentiality and service availabilty issues. The vulnerabilitiy has been addressed. CVE-2023-4623 Vulnerability Details CVEID:CVE-2023-4623 DESCRIPTION: Linux Kernel could allow a local authenticated attacker to...

7.8CVSS8.2AI score0.00287EPSS
Exploits0Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2024/07/30 6:43 p.m.42 views

Security Bulletin: Denial of service and remote code execution might affect IBM Storage Defender – Resiliency Service

Summary IBM Storage Defender – Resiliency Service is vulnerable and can result in data confidentiality and service availabilty issues. The vulnerabilities have been addressed. CVE-2024-6387, CVE-2024-39329, CVE-2024-38875, CVE-2024-39614, CVE-2024-39330, CVE-2024-21520, CVE-2024-39689,...

8.1CVSS9.1AI score0.99506EPSS
Exploits69Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2024/07/03 8:6 p.m.24 views

Security Bulletin: Denial of service and security restrictions bypass might affect IBM Storage Defender – Resiliency Service

Summary IBM Storage Defender – Resiliency Service is vulnerable and can result in data confidentiality and service availabilty issues. The vulnerabilities have been addressed. CVE-2024-27351, CVE-2024-34064, CVE-2024-32879, CVE-2024-24786. Vulnerability Details CVEID:CVE-2024-24786 DESCRIPTION:...

7.5CVSS7.6AI score0.01854EPSS
Exploits0Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2024/07/01 7:15 p.m.25 views

Security Bulletin: Denial of service and password enumeration might affect IBM Storage Defender – Resiliency Service

Summary IBM Storage Defender – Resiliency Service is vulnerable and can result in data confidentiality and service availabilty issues. The vulnerabilities have been addressed. CVE-2023-45288, CVE-2024-25031, CVE-2024-38322, CVE-2024-33883. Vulnerability Details CVEID:CVE-2023-45288 DESCRIPTION:...

7.5CVSS7.6AI score0.91969EPSS
Exploits2Affected Software1
OSV
OSV
added 2024/06/28 7:15 p.m.3 views

CVE-2024-38322

IBM Storage Defender - Resiliency Service 2.0.0 through 2.0.4 agent username and password error response discrepancy exposes product to brute force enumeration. IBM X-Force ID: 294869...

7.5CVSS5.8AI score0.00409EPSS
Exploits0References2
NVD
NVD
added 2024/06/28 7:15 p.m.32 views

CVE-2024-38322

IBM Storage Defender - Resiliency Service 2.0.0 through 2.0.4 agent username and password error response discrepancy exposes product to brute force enumeration. IBM X-Force ID: 294869...

7.5CVSS0.00409EPSS
Exploits0References2
OSV
OSV
added 2024/06/28 7:15 p.m.2 views

CVE-2024-25031

IBM Storage Defender - Resiliency Service 2.0.0 through 2.0.4 uses an inadequate account lockout setting that could allow an attacker on the network to brute force account credentials. IBM X-Force ID: 281678...

6.5CVSS5.8AI score0.00248EPSS
Exploits0References2
Rows per page
Query Builder