169 matches found
CVE-2024-22314 IBM Storage Defender - Resiliency Service information disclosure
IBM Storage Defender - Resiliency Service 2.0.0 through 2.0.12 uses weaker than expected cryptographic algorithms that could allow an attacker to decrypt highly sensitive information...
CVE-2024-22314 IBM Storage Defender - Resiliency Service information disclosure
IBM Storage Defender - Resiliency Service 2.0.0 through 2.0.12 uses weaker than expected cryptographic algorithms that could allow an attacker to decrypt highly sensitive information...
CVE-2024-22314
IBM Storage Defender – Resiliency Service 2.0.0–2.0.12 uses weaker cryptographic algorithms that could allow an attacker to decrypt highly sensitive information. The issue affects the Defender Resiliency Service and is documented across multiple sources (CVE-2024-22314). According to IBM/Red Hat ...
Security Bulletin: A denial-of-service attack, TE.CL request smuggling, a man-in-the-middle attack, and other vulnerabilities might affect IBM Storage Defender - Resiliency Service
Summary IBM Storage Defender - Resiliency Service is vulnerable denial-of-service attack, TE.CL request smuggling, a man-in-the-middle attack, and others. The vulnerabilities have been addressed. Vulnerability Details CVEID:CVE-2025-26699 DESCRIPTION: An issue was discovered in Django 5.1 before...
PT-2025-16784 · Ibm · Ibm Storage Defender - Resiliency Service
Name of the Vulnerable Software and Affected Versions: IBM Storage Defender - Resiliency Service versions 2.0.0 through 2.0.12 Description: The issue is related to the use of weaker than expected cryptographic algorithms, which could allow an attacker to decrypt highly sensitive information...
IBM Storage Defender 加密问题漏洞
IBM Storage Defender is a solution from International Business Machines IBM that provides end-to-end data resiliency. An encryption issue vulnerability exists in IBM Storage Defender - Resiliency Service 2.0.12 and prior versions, which stems from the use of a weak encryption algorithm that could...
Security Bulletin: Denial of service, directory traversal, and other vulnerabilities might affect IBM Storage Defender – Resiliency Service
Summary IBM Storage Defender – Resiliency Service is vulnerable to denial of service, directory traversal, and others. The vulnerabilities have been addressed. CVE-2024-49767, CVE-2024-49766, CVE-2024-39614, CVE-2024-38875, CVE-2024-41989, CVE-2024-41990, CVE-2024-41991, CVE-2024-47119,...
Security Bulletin: Multiple vulnerabilities in IBM Storage Defender – Data Protect
Summary There are multiple vulnerabilities in Open Source packages that affect IBM Storage Defender – Data Protect. These vulnerabilities can result in runtime errors, denial of service, remote code execution, arbitrary command execution, bypass of security restrictions, incorrect file permission...
Security Bulletin: A buffer overread, security restrictions bypass, a use-after-free, and other vulnerabilities might affect IBM Storage Defender – Resiliency Service
Summary IBM Storage Defender – Resiliency Service is vulnerable to a buffer overread, security restrictions bypass, a use-after-free, and others. The vulnerabilities have been addressed. Vulnerability Details CVEID:CVE-2020-15945 DESCRIPTION: Lua 5.4.0 fixed in 5.4.1 has a segmentation fault in...
Security Bulletin: IBM Storage Defender Data Protect vulnerable to CVE-2024-45801 due to dependency on Open Source library.
Summary IBM Storage Defender Data Protect is vulnerable to CVE-2024-45801 due to dependency on Open Source library. Vulnerability Details CVEID:CVE-2024-45801 DESCRIPTION: DOMPurify could allow a remote attacker to execute arbitrary code on the system, caused by a prototype pollution flaw in dept...
Security Bulletin: Denial of service, SQL injection, and other vulnerabilities might affect IBM Storage Defender – Resiliency Service
Summary IBM Storage Defender – Resiliency Service is vulnerable to denial of service, SQL injection, and others. The vulnerabilities have been addressed. CVE-2023-52425, CVE-2024-53908, CVE-2024-53907, CVE-2023-52426, CVE-2022-29162, CVE-2023-25809, CVE-2023-27561, CVE-2023-28642, CVE-2024-21626,...
CVE-2024-38325
IBM Storage Defender 2.0.0 through 2.0.7 on-prem defender-sensor-cmd CLI could allow a remote attacker to obtain sensitive information, caused by sending network requests over an insecure channel. An attacker could exploit this vulnerability to obtain sensitive information using man in the middle...
CVE-2024-38325
IBM Storage Defender 2.0.0 through 2.0.7 on-prem defender-sensor-cmd CLI could allow a remote attacker to obtain sensitive information, caused by sending network requests over an insecure channel. An attacker could exploit this vulnerability to obtain sensitive information using man in the middle...
CVE-2024-38325 IBM Storage Defender information disclosure
IBM Storage Defender 2.0.0 through 2.0.7 on-prem defender-sensor-cmd CLI could allow a remote attacker to obtain sensitive information, caused by sending network requests over an insecure channel. An attacker could exploit this vulnerability to obtain sensitive information using man in the middle...
CVE-2024-38325
IBM Storage Defender on‑prem Defender Sensor CLI (versions 2.0.0–2.0.7) may disclose sensitive information due to requests sent over an insecure channel, enabling MITM exposure. Root cause: insecure network handling in defender-sensor-cmd. Impact: potential information disclosure. Affected produc...
CVE-2024-38325 IBM Storage Defender information disclosure
IBM Storage Defender 2.0.0 through 2.0.7 on-prem defender-sensor-cmd CLI could allow a remote attacker to obtain sensitive information, caused by sending network requests over an insecure channel. An attacker could exploit this vulnerability to obtain sensitive information using man in the middle...
IBM Storage Defender 安全漏洞
IBM Storage Defender is a solution from International Business Machines IBM that provides end-to-end data resiliency. A security vulnerability exists in IBM Storage Defender that originates from sending network requests over an insecure channel...
IBM Storage Defender Plaintext Transfer Vulnerability
IBM Storage Defender is a solution from International Business Machines IBM that provides end-to-end data resiliency. A plaintext transfer vulnerability exists in IBM Storage Defender versions 2.0.0 through 2.0.9, which stems from the presence of keys stored in plaintext and can be exploited by a...
IBM Storage Defender Trust Management Issues Vulnerability
IBM Storage Defender is a solution from International Business Machines IBM that provides end-to-end data resiliency. A trust management issue vulnerability exists in IBM Storage Defender versions 2.0.0 through 2.0.9, which stems from the resiliency service not properly validating certificates, a...
CVE-2024-52361
IBM Storage Defender - Resiliency Service 2.0.0 through 2.0.9 stores user credentials in plain text which can be read by an authenticated user with access to the pod...