CVE-2023-50956

Опубликовано: 18 дек. 2024

Источник: nvd

CVSS3: 4.4

CVSS3: 4.9

EPSS Низкий

Описание

IBM Storage Defender - Resiliency Service 2.0.0 through 2.0.9

could allow a privileged user to obtain highly sensitive user credentials from secret keys that are stored in clear text.

Ссылки

https://www.ibm.com/support/pages/node/7178587
Vendor Advisory

Уязвимые конфигурации

Конфигурация 1

cpe:2.3:a:ibm:storage_defender_resiliency_service:*:*:*:*:*:*:*:*

Версия от 2.0 (включая) до 2.0.9 (включая)

EPSS

Процентиль: 22%

0.00071

Низкий

4.4 Medium

CVSS3

4.9 Medium

CVSS3

Дефекты

CWE-256

Связанные уязвимости

GHSA-3mgg-3hqg-jjq6

CVSS3: 4.4

github

около 1 года назад

IBM Storage Defender - Resiliency Service 2.0.0 through 2.0.9 could allow a privileged user to obtain highly sensitive user credentials from secret keys that are stored in clear text.

EPSS

Процентиль: 22%

0.00071

Низкий

4.4 Medium

CVSS3

4.9 Medium

CVSS3

Дефекты

CWE-256