Filtered by vendor Ibm Subscriptions
Filtered by product Storage Defender Resiliency Service Subscriptions
Total 6 CVE
CVE Vendors Products Updated CVSS v3.1
CVE-2024-38324 1 Ibm 2 Storage Defender, Storage Defender Resiliency Service 2024-09-30 5.9 Medium
IBM Storage Defender 2.0.0 through 2.0.7 on-prem defender-sensor-cmd CLI does not validate server name during registration and unregistration operations which could expose sensitive information to an attacker with access to the system.
CVE-2023-50957 1 Ibm 1 Storage Defender Resiliency Service 2024-09-20 8 High
IBM Storage Defender - Resiliency Service 2.0 could allow a privileged user to perform unauthorized actions after obtaining encrypted data from clear text key storage. IBM X-Force ID: 275783.
CVE-2024-38322 1 Ibm 1 Storage Defender Resiliency Service 2024-08-20 5.3 Medium
IBM Storage Defender - Resiliency Service 2.0.0 through 2.0.4 agent username and password error response discrepancy exposes product to brute force enumeration. IBM X-Force ID: 294869.
CVE-2024-25031 1 Ibm 2 Storage Defender, Storage Defender Resiliency Service 2024-08-01 6.5 Medium
IBM Storage Defender - Resiliency Service 2.0.0 through 2.0.4 uses an inadequate account lockout setting that could allow an attacker on the network to brute force account credentials. IBM X-Force ID: 281678.
CVE-2024-22313 1 Ibm 1 Storage Defender Resiliency Service 2024-08-01 6.2 Medium
IBM Storage Defender - Resiliency Service 2.0 contains hard-coded credentials, such as a password or cryptographic key, which it uses for its own inbound authentication, outbound communication to external components, or encryption of internal data. IBM X-Force ID: 278749.
CVE-2024-22312 1 Ibm 1 Storage Defender Resiliency Service 2024-08-01 4.4 Medium
IBM Storage Defender - Resiliency Service 2.0 stores user credentials in plain clear text which can be read by a local user. IBM X-Force ID: 278748.