Vulnerabilities > IBM > Storage Defender Resiliency Service > 2.0

DATE	CVE	VULNERABILITY TITLE	RISK
2024-02-10	CVE-2023-50957	Improper Privilege Management vulnerability in IBM Storage Defender Resiliency Service 2.0 IBM Storage Defender - Resiliency Service 2.0 could allow a privileged user to perform unauthorized actions after obtaining encrypted data from clear text key storage. network low complexity ibm CWE-269	7.2
2024-02-10	CVE-2024-22312	Insufficiently Protected Credentials vulnerability in IBM Storage Defender Resiliency Service 2.0 IBM Storage Defender - Resiliency Service 2.0 stores user credentials in plain clear text which can be read by a local user. local low complexity ibm CWE-522	5.5
2024-02-10	CVE-2024-22313	Use of Hard-coded Credentials vulnerability in IBM Storage Defender Resiliency Service 2.0 IBM Storage Defender - Resiliency Service 2.0 contains hard-coded credentials, such as a password or cryptographic key, which it uses for its own inbound authentication, outbound communication to external components, or encryption of internal data. local low complexity ibm CWE-798	7.8

CVE is a registered MITRE Corporation trademark and MITRE's CVE website is the authoritative source of CVE content. CWE is a registered MITRE Corporation trademark and MITRE's CWE website is the authoritative source of CWE content.