Storage Defender Resiliency Service@* Security Vulnerabilities and Issues — Storage Defender Resiliency Service@* CVE List

Lucene search

IbmStorage Defender Resiliency Service*

6 matches found

CVE•added 2024/06/28 7:15 p.m.•49 views

CVE-2024-38322

IBM Storage Defender - Resiliency Service 2.0.0 through 2.0.4 agent username and password error response discrepancy exposes product to brute force enumeration. IBM X-Force ID: 294869.

7.5CVSS5.6AI score0.00089EPSS

CVE•added 2024/04/12 1:15 p.m.•45 views

CVE-2024-27261

IBM Storage Defender - Resiliency Service 2.0.0 through 2.0.2 could allow a privileged user to install a potentially dangerous tar file, which could give them access to subsequent systems where the package was installed. IBM X-Force ID: 283986.

6.8CVSS6.2AI score0.00033EPSS

CVE•added 2024/12/18 4:15 p.m.•45 views

CVE-2024-47119

IBM Storage Defender - Resiliency Service 2.0.0 through 2.0.9 does not properly validate a certificate which could allow an attacker to spoof a trusted entity by interfering in the communication path between the host and client.

7.5CVSS5.6AI score0.00039EPSS

CVE•added 2025/04/16 5:15 p.m.•44 views

CVE-2024-22314

IBM Storage Defender - Resiliency Service 2.0.0 through 2.0.12 uses weaker than expected cryptographic algorithms that could allow an attacker to decrypt highly sensitive information.

7.5CVSS5.6AI score0.00022EPSS

CVE•added 2024/12/18 4:15 p.m.•42 views

CVE-2024-52361

IBM Storage Defender - Resiliency Service 2.0.0 through 2.0.9 stores user credentials in plain text which can be read by an authenticated user with access to the pod.

5.7CVSS5.4AI score0.0003EPSS

CVE•added 2024/12/18 4:15 p.m.•38 views

CVE-2023-50956

IBM Storage Defender - Resiliency Service 2.0.0 through 2.0.9 could allow a privileged user to obtain highly sensitive user credentials from secret keys that are stored in clear text.

4.9CVSS4.5AI score0.00046EPSS