Vulnerabilities > IBM > Storage Defender Resiliency Service
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2024-06-28 | CVE-2024-38322 | Information Exposure Through Discrepancy vulnerability in IBM Storage Defender Resiliency Service IBM Storage Defender - Resiliency Service 2.0.0 through 2.0.4 agent username and password error response discrepancy exposes product to brute force enumeration. | 7.5 |
| 2024-02-10 | CVE-2023-50957 | Cleartext Storage of Sensitive Information vulnerability in IBM Storage Defender Resiliency Service 2.0 IBM Storage Defender - Resiliency Service 2.0 could allow a privileged user to perform unauthorized actions after obtaining encrypted data from clear text key storage. | 7.2 |
| 2024-02-10 | CVE-2024-22312 | Insufficiently Protected Credentials vulnerability in IBM Storage Defender Resiliency Service 2.0 IBM Storage Defender - Resiliency Service 2.0 stores user credentials in plain clear text which can be read by a local user. | 5.5 |
| 2024-02-10 | CVE-2024-22313 | Use of Hard-coded Credentials vulnerability in IBM Storage Defender Resiliency Service 2.0 IBM Storage Defender - Resiliency Service 2.0 contains hard-coded credentials, such as a password or cryptographic key, which it uses for its own inbound authentication, outbound communication to external components, or encryption of internal data. | 7.8 |