Skip to main content

Storage Defender Resiliency Service

8 CVEs product

Monthly

CVE-2025-64650 MEDIUM This Month

IBM Storage Defender - Resiliency Service 2.0.0 through 2.0.18 could disclose sensitive user credentials in log files.

IBM Information Disclosure Storage Defender Resiliency Service
NVD
CVSS 3.1
6.5
EPSS
0.0%
CVE-2024-22314 MEDIUM This Month

IBM Storage Defender - Resiliency Service 2.0.0 through 2.0.12 uses weaker than expected cryptographic algorithms that could allow an attacker to decrypt highly sensitive information. Rated medium severity (CVSS 5.9), this vulnerability is remotely exploitable, no authentication required. No vendor patch available.

Information Disclosure IBM Storage Defender Resiliency Service
NVD
CVSS 3.1
5.9
EPSS
0.1%
CVE-2024-52361 MEDIUM This Month

IBM Storage Defender - Resiliency Service 2.0.0 through 2.0.9 stores user credentials in plain text which can be read by an authenticated user with access to the pod. Rated medium severity (CVSS 5.7), this vulnerability is low attack complexity. No vendor patch available.

IBM Information Disclosure Storage Defender Resiliency Service
NVD
CVSS 3.1
5.7
EPSS
0.5%
CVE-2024-47119 HIGH This Week

IBM Storage Defender - Resiliency Service 2.0.0 through 2.0.9 does not properly validate a certificate which could allow an attacker to spoof a trusted entity by interfering in the communication path. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

IBM Information Disclosure Storage Defender Resiliency Service
NVD
CVSS 3.1
7.5
EPSS
0.3%
CVE-2024-38322 HIGH This Week

IBM Storage Defender - Resiliency Service 2.0.0 through 2.0.4 agent username and password error response discrepancy exposes product to brute force enumeration. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

IBM Information Disclosure Storage Defender Resiliency Service
NVD
CVSS 3.1
7.5
EPSS
0.4%
CVE-2024-27261 MEDIUM This Month

IBM Storage Defender - Resiliency Service 2.0.0 through 2.0.2 could allow a privileged user to install a potentially dangerous tar file, which could give them access to subsequent systems where the. Rated medium severity (CVSS 6.8), this vulnerability is low attack complexity. No vendor patch available.

IBM Information Disclosure Storage Defender Resiliency Service
NVD
CVSS 3.1
6.8
EPSS
0.3%
CVE-2024-22313 HIGH PATCH This Week

IBM Storage Defender - Resiliency Service 2.0 contains hard-coded credentials, such as a password or cryptographic key, which it uses for its own inbound authentication, outbound communication to. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. This Use of Hard-coded Credentials vulnerability could allow attackers to gain access using credentials embedded in source code.

Authentication Bypass IBM Storage Defender Resiliency Service
NVD
CVSS 3.1
7.8
EPSS
0.1%
CVE-2024-22312 MEDIUM PATCH This Month

IBM Storage Defender - Resiliency Service 2.0 stores user credentials in plain clear text which can be read by a local user. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity.

IBM Information Disclosure Storage Defender Resiliency Service
NVD
CVSS 3.1
5.5
EPSS
0.2%
EPSS 0% CVSS 6.5
MEDIUM This Month

IBM Storage Defender - Resiliency Service 2.0.0 through 2.0.18 could disclose sensitive user credentials in log files.

IBM Information Disclosure Storage Defender Resiliency Service
NVD
EPSS 0% CVSS 5.9
MEDIUM This Month

IBM Storage Defender - Resiliency Service 2.0.0 through 2.0.12 uses weaker than expected cryptographic algorithms that could allow an attacker to decrypt highly sensitive information. Rated medium severity (CVSS 5.9), this vulnerability is remotely exploitable, no authentication required. No vendor patch available.

Information Disclosure IBM Storage Defender Resiliency Service
NVD
EPSS 1% CVSS 5.7
MEDIUM This Month

IBM Storage Defender - Resiliency Service 2.0.0 through 2.0.9 stores user credentials in plain text which can be read by an authenticated user with access to the pod. Rated medium severity (CVSS 5.7), this vulnerability is low attack complexity. No vendor patch available.

IBM Information Disclosure Storage Defender Resiliency Service
NVD
EPSS 0% CVSS 7.5
HIGH This Week

IBM Storage Defender - Resiliency Service 2.0.0 through 2.0.9 does not properly validate a certificate which could allow an attacker to spoof a trusted entity by interfering in the communication path. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

IBM Information Disclosure Storage Defender Resiliency Service
NVD
EPSS 0% CVSS 7.5
HIGH This Week

IBM Storage Defender - Resiliency Service 2.0.0 through 2.0.4 agent username and password error response discrepancy exposes product to brute force enumeration. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

IBM Information Disclosure Storage Defender Resiliency Service
NVD
EPSS 0% CVSS 6.8
MEDIUM This Month

IBM Storage Defender - Resiliency Service 2.0.0 through 2.0.2 could allow a privileged user to install a potentially dangerous tar file, which could give them access to subsequent systems where the. Rated medium severity (CVSS 6.8), this vulnerability is low attack complexity. No vendor patch available.

IBM Information Disclosure Storage Defender Resiliency Service
NVD
EPSS 0% CVSS 7.8
HIGH PATCH This Week

IBM Storage Defender - Resiliency Service 2.0 contains hard-coded credentials, such as a password or cryptographic key, which it uses for its own inbound authentication, outbound communication to. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. This Use of Hard-coded Credentials vulnerability could allow attackers to gain access using credentials embedded in source code.

Authentication Bypass IBM Storage Defender Resiliency Service
NVD
EPSS 0% CVSS 5.5
MEDIUM PATCH This Month

IBM Storage Defender - Resiliency Service 2.0 stores user credentials in plain clear text which can be read by a local user. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity.

IBM Information Disclosure Storage Defender Resiliency Service
NVD

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy