3 matches found
CVE-2024-38325
IBM Storage Defender on‑prem Defender Sensor CLI (versions 2.0.0–2.0.7) may disclose sensitive information due to requests sent over an insecure channel, enabling MITM exposure. Root cause: insecure network handling in defender-sensor-cmd. Impact: potential information disclosure. Affected produc...
CVE-2024-25031
CVE-2024-25031 affects IBM Storage Defender – Resiliency Service 2.0.0–2.0.4. The root cause is an inadequate account lockout setting that could allow an attacker over an adjacent network to brute‑force credentials. CVSSv3.1 metrics (AV:A, AC:L, PR:N, UI:N, S:U, C:H, I:N, A:N) indicate a base sco...
CVE-2024-38324
CVE-2024-38324 affects IBM Storage Defender on‑prem Defender-Sensor-CMD CLI versions 2.0.0–2.0.7. The issue is that the CLI does not validate the server name during registration and unregistration, which could lead to exposure of sensitive information to an attacker with access to the system. Doc...