Filtered by vendor Ibm
Subscriptions
Filtered by product Storage Defender Resiliency Service
Subscriptions
Total
9 CVE
CVE | Vendors | Products | Updated | CVSS v3.1 |
---|---|---|---|---|
CVE-2024-52361 | 1 Ibm | 1 Storage Defender Resiliency Service | 2024-12-18 | 5.7 Medium |
IBM Storage Defender - Resiliency Service 2.0.0 through 2.0.9 stores user credentials in plain text which can be read by an authenticated user with access to the pod. | ||||
CVE-2024-47119 | 1 Ibm | 1 Storage Defender Resiliency Service | 2024-12-18 | 5.9 Medium |
IBM Storage Defender - Resiliency Service 2.0.0 through 2.0.9 does not properly validate a certificate which could allow an attacker to spoof a trusted entity by interfering in the communication path between the host and client. | ||||
CVE-2023-50956 | 1 Ibm | 1 Storage Defender Resiliency Service | 2024-12-18 | 4.4 Medium |
IBM Storage Defender - Resiliency Service 2.0.0 through 2.0.9 could allow a privileged user to obtain highly sensitive user credentials from secret keys that are stored in clear text. | ||||
CVE-2024-38322 | 1 Ibm | 1 Storage Defender Resiliency Service | 2024-11-21 | 5.3 Medium |
IBM Storage Defender - Resiliency Service 2.0.0 through 2.0.4 agent username and password error response discrepancy exposes product to brute force enumeration. IBM X-Force ID: 294869. | ||||
CVE-2024-25031 | 1 Ibm | 2 Storage Defender, Storage Defender Resiliency Service | 2024-11-21 | 6.5 Medium |
IBM Storage Defender - Resiliency Service 2.0.0 through 2.0.4 uses an inadequate account lockout setting that could allow an attacker on the network to brute force account credentials. IBM X-Force ID: 281678. | ||||
CVE-2024-22313 | 1 Ibm | 1 Storage Defender Resiliency Service | 2024-11-21 | 6.2 Medium |
IBM Storage Defender - Resiliency Service 2.0 contains hard-coded credentials, such as a password or cryptographic key, which it uses for its own inbound authentication, outbound communication to external components, or encryption of internal data. IBM X-Force ID: 278749. | ||||
CVE-2024-22312 | 1 Ibm | 1 Storage Defender Resiliency Service | 2024-11-21 | 4.4 Medium |
IBM Storage Defender - Resiliency Service 2.0 stores user credentials in plain clear text which can be read by a local user. IBM X-Force ID: 278748. | ||||
CVE-2023-50957 | 1 Ibm | 1 Storage Defender Resiliency Service | 2024-11-21 | 8 High |
IBM Storage Defender - Resiliency Service 2.0 could allow a privileged user to perform unauthorized actions after obtaining encrypted data from clear text key storage. IBM X-Force ID: 275783. | ||||
CVE-2024-38324 | 1 Ibm | 2 Storage Defender, Storage Defender Resiliency Service | 2024-09-30 | 5.9 Medium |
IBM Storage Defender 2.0.0 through 2.0.7 on-prem defender-sensor-cmd CLI does not validate server name during registration and unregistration operations which could expose sensitive information to an attacker with access to the system. |
Page 1 of 1.