Lucene search
K

169 matches found

Vulnrichment
Vulnrichment
added 2025/04/16 4:17 p.m.7 views

CVE-2024-22314 IBM Storage Defender - Resiliency Service information disclosure

IBM Storage Defender - Resiliency Service 2.0.0 through 2.0.12 uses weaker than expected cryptographic algorithms that could allow an attacker to decrypt highly sensitive information...

5.9CVSS5.7AI score0.00185EPSS
Exploits0References1
Cvelist
Cvelist
added 2025/04/16 4:17 p.m.14 views

CVE-2024-22314 IBM Storage Defender - Resiliency Service information disclosure

IBM Storage Defender - Resiliency Service 2.0.0 through 2.0.12 uses weaker than expected cryptographic algorithms that could allow an attacker to decrypt highly sensitive information...

5.9CVSS0.00185EPSS
Exploits0References1
CVE
CVE
added 2025/04/16 4:17 p.m.55 views

CVE-2024-22314

IBM Storage Defender – Resiliency Service 2.0.0–2.0.12 uses weaker cryptographic algorithms that could allow an attacker to decrypt highly sensitive information. The issue affects the Defender Resiliency Service and is documented across multiple sources (CVE-2024-22314). According to IBM/Red Hat ...

7.5CVSS5.6AI score0.00185EPSS
Exploits0References1Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2025/04/16 4:15 p.m.27 views

Security Bulletin: A denial-of-service attack, TE.CL request smuggling, a man-in-the-middle attack, and other vulnerabilities might affect IBM Storage Defender - Resiliency Service

Summary IBM Storage Defender - Resiliency Service is vulnerable denial-of-service attack, TE.CL request smuggling, a man-in-the-middle attack, and others. The vulnerabilities have been addressed. Vulnerability Details CVEID:CVE-2025-26699 DESCRIPTION: An issue was discovered in Django 5.1 before...

8.8CVSS6AI score0.02357EPSS
Exploits2Affected Software1
Positive Technologies
Positive Technologies
added 2025/04/16 12:0 a.m.5 views

PT-2025-16784 · Ibm · Ibm Storage Defender - Resiliency Service

Name of the Vulnerable Software and Affected Versions: IBM Storage Defender - Resiliency Service versions 2.0.0 through 2.0.12 Description: The issue is related to the use of weaker than expected cryptographic algorithms, which could allow an attacker to decrypt highly sensitive information...

7.5CVSS7.2AI score0.00185EPSS
Exploits0References5
CNNVD
CNNVD
added 2025/04/16 12:0 a.m.4 views

IBM Storage Defender 加密问题漏洞

IBM Storage Defender is a solution from International Business Machines IBM that provides end-to-end data resiliency. An encryption issue vulnerability exists in IBM Storage Defender - Resiliency Service 2.0.12 and prior versions, which stems from the use of a weak encryption algorithm that could...

7.5CVSS7.4AI score0.00185EPSS
Exploits0References2
IBM Security Bulletins
IBM Security Bulletins
added 2025/04/15 2:50 a.m.46 views

Security Bulletin: Denial of service, directory traversal, and other vulnerabilities might affect IBM Storage Defender – Resiliency Service

Summary IBM Storage Defender – Resiliency Service is vulnerable to denial of service, directory traversal, and others. The vulnerabilities have been addressed. CVE-2024-49767, CVE-2024-49766, CVE-2024-39614, CVE-2024-38875, CVE-2024-41989, CVE-2024-41990, CVE-2024-41991, CVE-2024-47119,...

9.1CVSS8.9AI score0.28637EPSS
Exploits7Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2025/03/26 3:57 a.m.72 views

Security Bulletin: Multiple vulnerabilities in IBM Storage Defender – Data Protect

Summary There are multiple vulnerabilities in Open Source packages that affect IBM Storage Defender – Data Protect. These vulnerabilities can result in runtime errors, denial of service, remote code execution, arbitrary command execution, bypass of security restrictions, incorrect file permission...

10CVSS9.2AI score0.83223EPSS
Exploits25Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2025/03/25 11:50 p.m.23 views

Security Bulletin: A buffer overread, security restrictions bypass, a use-after-free, and other vulnerabilities might affect IBM Storage Defender – Resiliency Service

Summary IBM Storage Defender – Resiliency Service is vulnerable to a buffer overread, security restrictions bypass, a use-after-free, and others. The vulnerabilities have been addressed. Vulnerability Details CVEID:CVE-2020-15945 DESCRIPTION: Lua 5.4.0 fixed in 5.4.1 has a segmentation fault in...

9CVSS9.4AI score0.13794EPSS
Exploits7Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2025/03/11 5:47 p.m.28 views

Security Bulletin: IBM Storage Defender Data Protect vulnerable to CVE-2024-45801 due to dependency on Open Source library.

Summary IBM Storage Defender Data Protect is vulnerable to CVE-2024-45801 due to dependency on Open Source library. Vulnerability Details CVEID:CVE-2024-45801 DESCRIPTION: DOMPurify could allow a remote attacker to execute arbitrary code on the system, caused by a prototype pollution flaw in dept...

7.3CVSS7.7AI score0.00844EPSS
Exploits0Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2025/02/24 11:37 p.m.20 views

Security Bulletin: Denial of service, SQL injection, and other vulnerabilities might affect IBM Storage Defender – Resiliency Service

Summary IBM Storage Defender – Resiliency Service is vulnerable to denial of service, SQL injection, and others. The vulnerabilities have been addressed. CVE-2023-52425, CVE-2024-53908, CVE-2024-53907, CVE-2023-52426, CVE-2022-29162, CVE-2023-25809, CVE-2023-27561, CVE-2023-28642, CVE-2024-21626,...

9.8CVSS9.2AI score0.18087EPSS
Exploits21Affected Software1
OSV
OSV
added 2025/01/27 4:15 p.m.3 views

CVE-2024-38325

IBM Storage Defender 2.0.0 through 2.0.7 on-prem defender-sensor-cmd CLI could allow a remote attacker to obtain sensitive information, caused by sending network requests over an insecure channel. An attacker could exploit this vulnerability to obtain sensitive information using man in the middle...

7.5CVSS5.8AI score0.00247EPSS
Exploits0References1
NVD
NVD
added 2025/01/27 4:15 p.m.33 views

CVE-2024-38325

IBM Storage Defender 2.0.0 through 2.0.7 on-prem defender-sensor-cmd CLI could allow a remote attacker to obtain sensitive information, caused by sending network requests over an insecure channel. An attacker could exploit this vulnerability to obtain sensitive information using man in the middle...

7.5CVSS0.00247EPSS
Exploits0References1
Cvelist
Cvelist
added 2025/01/27 3:27 p.m.12 views

CVE-2024-38325 IBM Storage Defender information disclosure

IBM Storage Defender 2.0.0 through 2.0.7 on-prem defender-sensor-cmd CLI could allow a remote attacker to obtain sensitive information, caused by sending network requests over an insecure channel. An attacker could exploit this vulnerability to obtain sensitive information using man in the middle...

5.9CVSS0.00247EPSS
Exploits0References1
CVE
CVE
added 2025/01/27 3:27 p.m.71 views

CVE-2024-38325

IBM Storage Defender on‑prem Defender Sensor CLI (versions 2.0.0–2.0.7) may disclose sensitive information due to requests sent over an insecure channel, enabling MITM exposure. Root cause: insecure network handling in defender-sensor-cmd. Impact: potential information disclosure. Affected produc...

7.5CVSS6.2AI score0.00247EPSS
Exploits0References1Affected Software1
Vulnrichment
Vulnrichment
added 2025/01/27 3:27 p.m.8 views

CVE-2024-38325 IBM Storage Defender information disclosure

IBM Storage Defender 2.0.0 through 2.0.7 on-prem defender-sensor-cmd CLI could allow a remote attacker to obtain sensitive information, caused by sending network requests over an insecure channel. An attacker could exploit this vulnerability to obtain sensitive information using man in the middle...

5.9CVSS5.5AI score0.00247EPSS
Exploits0References1
CNNVD
CNNVD
added 2025/01/27 12:0 a.m.3 views

IBM Storage Defender 安全漏洞

IBM Storage Defender is a solution from International Business Machines IBM that provides end-to-end data resiliency. A security vulnerability exists in IBM Storage Defender that originates from sending network requests over an insecure channel...

7.5CVSS6.5AI score0.00247EPSS
Exploits0References1
CNVD
CNVD
added 2024/12/25 12:0 a.m.6 views

IBM Storage Defender Plaintext Transfer Vulnerability

IBM Storage Defender is a solution from International Business Machines IBM that provides end-to-end data resiliency. A plaintext transfer vulnerability exists in IBM Storage Defender versions 2.0.0 through 2.0.9, which stems from the presence of keys stored in plaintext and can be exploited by a...

4.9CVSS6.3AI score0.00345EPSS
Exploits0References1
CNVD
CNVD
added 2024/12/25 12:0 a.m.4 views

IBM Storage Defender Trust Management Issues Vulnerability

IBM Storage Defender is a solution from International Business Machines IBM that provides end-to-end data resiliency. A trust management issue vulnerability exists in IBM Storage Defender versions 2.0.0 through 2.0.9, which stems from the resiliency service not properly validating certificates, a...

7.5CVSS6.6AI score0.0026EPSS
Exploits0References1
OSV
OSV
added 2024/12/18 4:15 p.m.3 views

CVE-2024-52361

IBM Storage Defender - Resiliency Service 2.0.0 through 2.0.9 stores user credentials in plain text which can be read by an authenticated user with access to the pod...

5.7CVSS5.8AI score0.00522EPSS
Exploits0References1
Rows per page
Query Builder