169 matches found
Security Bulletin: Insufficient verification of data authenticity might affect IBM Storage Defender – Resiliency Service
Summary IBM Storage Defender – Resiliency Service is vulnerable to insufficient verification of data authenticity. The vulnerability has been addressed. CVE-2023-37920 Vulnerability Details CVEID:CVE-2023-37920 DESCRIPTION: An unspecified error with the removal of e-Tugra root certificate in...
Security Bulletin: Potential Denial of Service in IBM Storage Defender - Data Protect
Summary IBM Storage Defender - Data Protect is potentially vulnerable to a denial of service attack via CVE-2022-21698. Vulnerability Details CVEID:CVE-2022-21698 DESCRIPTION: Prometheus Go client library clientgolang is vulnerable to a denial of service, caused by a flaw when handling requests...
Security Bulletin: Vulnerabilities in GNU Binutils, Bootstrap, PortSmash, Node.js, and libarchive might affect IBM Storage Defender – Data Protect.
Summary IBM Storage Defender – Data Protect is vulnerable and that can result in denial of service attacks, cross-site scripting, execution of arbitrary code, gaining elevated privileges, low integrity and confidentiality impacts, and the ability to obtain sensitive information. The vulnerabiliti...
CVE-2024-38324
IBM Storage Defender 2.0.0 through 2.0.7 on-prem defender-sensor-cmd CLI does not validate server name during registration and unregistration operations which could expose sensitive information to an attacker with access to the system...
CVE-2024-38324
IBM Storage Defender 2.0.0 through 2.0.7 on-prem defender-sensor-cmd CLI does not validate server name during registration and unregistration operations which could expose sensitive information to an attacker with access to the system...
IBM Storage Defender 安全漏洞
IBM Storage Defender is a solution from International Business Machines IBM that provides end-to-end data resiliency. A security vulnerability exists in IBM Storage Defender versions 2.0.0 through 2.0.7, which stems from a failure to validate server names during registration and logout operations...
CVE-2024-38324
CVE-2024-38324 affects IBM Storage Defender on‑prem Defender-Sensor-CMD CLI versions 2.0.0–2.0.7. The issue is that the CLI does not validate the server name during registration and unregistration, which could lead to exposure of sensitive information to an attacker with access to the system. Doc...
CVE-2024-38324 IBM Storage Defender improper certificate validation
IBM Storage Defender 2.0.0 through 2.0.7 on-prem defender-sensor-cmd CLI does not validate server name during registration and unregistration operations which could expose sensitive information to an attacker with access to the system...
CVE-2024-38324 IBM Storage Defender improper certificate validation
IBM Storage Defender 2.0.0 through 2.0.7 on-prem defender-sensor-cmd CLI does not validate server name during registration and unregistration operations which could expose sensitive information to an attacker with access to the system...
PT-2024-27944 · Ibm · Ibm Storage Defender
Name of the Vulnerable Software and Affected Versions: IBM Storage Defender versions 2.0.0 through 2.0.7 Description: The issue concerns the defender-sensor-cmd CLI in IBM Storage Defender, which does not validate the server name during registration and unregistration operations. This could...
Security Bulletin: Denial of service and SQL injection might affect IBM Storage Defender – Resiliency Service
Summary IBM Storage Defender – Resiliency Service is vulnerable and can result in data confidentiality and service availabilty issues. The vulnerabilities have been addressed. CVE-2024-38325, CVE-2024-41990, CVE-2024-41989, CVE-2024-42005, CVE-2024-42005, CVE-2024-41991, CVE-2024-38324...
PT-2024-10413 · Ibm · Ibm Storage Defender
Name of the Vulnerable Software and Affected Versions: IBM Storage Defender versions 2.0.0 through 2.0.7 Description: The issue is related to the IBM Storage Defender's Defender Sensor component, which has incorrect data encryption. This could allow a remote attacker to obtain sensitive informati...
Security Bulletin: Denial of service and server-side request forgery might affect IBM Storage Defender – Resiliency Service
Summary IBM Storage Defender – Resiliency Service is vulnerable and can result in data confidentiality and service availabilty issues. The vulnerabilities have been addressed. CVE-2024-39249, CVE-2024-39338 Vulnerability Details CVEID:CVE-2024-39249 DESCRIPTION: Async is vulnerable to a denial of...
Security Bulletin: Privilege escalation attack might affect IBM Storage Defender – Data Protect
Summary IBM Storage Defender – Data Protect is vulnerable and can result in data confidentiality and service availabilty issues. The vulnerabilitiy has been addressed. CVE-2023-4623 Vulnerability Details CVEID:CVE-2023-4623 DESCRIPTION: Linux Kernel could allow a local authenticated attacker to...
Security Bulletin: Denial of service and remote code execution might affect IBM Storage Defender – Resiliency Service
Summary IBM Storage Defender – Resiliency Service is vulnerable and can result in data confidentiality and service availabilty issues. The vulnerabilities have been addressed. CVE-2024-6387, CVE-2024-39329, CVE-2024-38875, CVE-2024-39614, CVE-2024-39330, CVE-2024-21520, CVE-2024-39689,...
Security Bulletin: Denial of service and security restrictions bypass might affect IBM Storage Defender – Resiliency Service
Summary IBM Storage Defender – Resiliency Service is vulnerable and can result in data confidentiality and service availabilty issues. The vulnerabilities have been addressed. CVE-2024-27351, CVE-2024-34064, CVE-2024-32879, CVE-2024-24786. Vulnerability Details CVEID:CVE-2024-24786 DESCRIPTION:...
Security Bulletin: Denial of service and password enumeration might affect IBM Storage Defender – Resiliency Service
Summary IBM Storage Defender – Resiliency Service is vulnerable and can result in data confidentiality and service availabilty issues. The vulnerabilities have been addressed. CVE-2023-45288, CVE-2024-25031, CVE-2024-38322, CVE-2024-33883. Vulnerability Details CVEID:CVE-2023-45288 DESCRIPTION:...
CVE-2024-38322
IBM Storage Defender - Resiliency Service 2.0.0 through 2.0.4 agent username and password error response discrepancy exposes product to brute force enumeration. IBM X-Force ID: 294869...
CVE-2024-38322
IBM Storage Defender - Resiliency Service 2.0.0 through 2.0.4 agent username and password error response discrepancy exposes product to brute force enumeration. IBM X-Force ID: 294869...
CVE-2024-25031
IBM Storage Defender - Resiliency Service 2.0.0 through 2.0.4 uses an inadequate account lockout setting that could allow an attacker on the network to brute force account credentials. IBM X-Force ID: 281678...