Vulnerabilities > IBM > Storage Defender Resiliency Service

DATE CVE VULNERABILITY TITLE RISK
2024-06-28 CVE-2024-38322 Information Exposure Through Discrepancy vulnerability in IBM Storage Defender Resiliency Service
IBM Storage Defender - Resiliency Service 2.0.0 through 2.0.4 agent username and password error response discrepancy exposes product to brute force enumeration.
network
low complexity
ibm CWE-203
7.5
2024-02-10 CVE-2023-50957 Unspecified vulnerability in IBM Storage Defender Resiliency Service 2.0
IBM Storage Defender - Resiliency Service 2.0 could allow a privileged user to perform unauthorized actions after obtaining encrypted data from clear text key storage.
network
low complexity
ibm
7.2
2024-02-10 CVE-2024-22312 Insufficiently Protected Credentials vulnerability in IBM Storage Defender Resiliency Service 2.0
IBM Storage Defender - Resiliency Service 2.0 stores user credentials in plain clear text which can be read by a local user.
local
low complexity
ibm CWE-522
5.5
2024-02-10 CVE-2024-22313 Unspecified vulnerability in IBM Storage Defender Resiliency Service 2.0
IBM Storage Defender - Resiliency Service 2.0 contains hard-coded credentials, such as a password or cryptographic key, which it uses for its own inbound authentication, outbound communication to external components, or encryption of internal data.
local
low complexity
ibm
7.8