← Voltar para CVEs
CVE-2024-38324
MEDIUM5.9
Descricao
IBM Storage Defender 2.0.0 through 2.0.7 on-prem defender-sensor-cmd CLI does not validate server name during registration and unregistration operations which could expose sensitive information to an attacker with access to the system.
Detalhes CVE
Pontuacao CVSS v3.15.9
SeveridadeMEDIUM
Vetor CVSSCVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N
Vetor de ataqueNETWORK
ComplexidadeHIGH
Privilegios necessariosNONE
Interacao do usuarioNONE
Publicado9/25/2024
Ultima modificacao9/30/2024
Fontenvd
Avistamentos honeypot0
Produtos afetados
ibm:storage_defender
Fraquezas (CWE)
CWE-297CWE-295
Referencias
https://www.ibm.com/support/pages/node/7168640(psirt@us.ibm.com)
Correlacoes IOC
Sem correlacoes registradas
This product uses data from the NVD API but is not endorsed or certified by the NVD.