Storage Defender Resiliency Service@* Security Vulnerabilities and Issues — Storage Defender Resiliency Service@* CVE List

Lucene search

IbmStorage Defender Resiliency Service*

5 matches found

CVE•added 2024/06/28 7:15 p.m.•47 views

CVE-2024-38322

IBM Storage Defender - Resiliency Service 2.0.0 through 2.0.4 agent username and password error response discrepancy exposes product to brute force enumeration. IBM X-Force ID: 294869.

7.5CVSS5.6AI score0.00116EPSS

CVE•added 2024/04/12 1:15 p.m.•44 views

CVE-2024-27261

IBM Storage Defender - Resiliency Service 2.0.0 through 2.0.2 could allow a privileged user to install a potentially dangerous tar file, which could give them access to subsequent systems where the package was installed. IBM X-Force ID: 283986.

6.8CVSS6.2AI score0.00028EPSS

CVE•added 2024/12/18 4:15 p.m.•44 views

CVE-2024-47119

IBM Storage Defender - Resiliency Service 2.0.0 through 2.0.9 does not properly validate a certificate which could allow an attacker to spoof a trusted entity by interfering in the communication path between the host and client.

7.5CVSS5.6AI score0.00031EPSS

CVE•added 2024/12/18 4:15 p.m.•41 views

CVE-2024-52361

IBM Storage Defender - Resiliency Service 2.0.0 through 2.0.9 stores user credentials in plain text which can be read by an authenticated user with access to the pod.

5.7CVSS5.4AI score0.00024EPSS

CVE•added 2024/12/18 4:15 p.m.•37 views

CVE-2023-50956

IBM Storage Defender - Resiliency Service 2.0.0 through 2.0.9 could allow a privileged user to obtain highly sensitive user credentials from secret keys that are stored in clear text.

4.9CVSS4.5AI score0.00036EPSS