CVE-2024-38322

Опубликовано: 28 июн. 2024

Источник: nvd

CVSS3: 5.3

CVSS3: 7.5

EPSS Низкий

Описание

IBM Storage Defender - Resiliency Service 2.0.0 through 2.0.4 agent username and password error response discrepancy exposes product to brute force enumeration. IBM X-Force ID: 294869.

Ссылки

https://exchange.xforce.ibmcloud.com/vulnerabilities/294869
VDB Entry
Vendor Advisory
https://www.ibm.com/support/pages/node/7158446
Vendor Advisory
https://exchange.xforce.ibmcloud.com/vulnerabilities/294869
VDB Entry
Vendor Advisory
https://www.ibm.com/support/pages/node/7158446
Vendor Advisory

Уязвимые конфигурации

Конфигурация 1

cpe:2.3:a:ibm:storage_defender_resiliency_service:*:*:*:*:*:*:*:*

Версия от 2.0.0 (включая) до 2.0.4 (включая)

EPSS

Процентиль: 31%

0.00121

Низкий

5.3 Medium

CVSS3

7.5 High

CVSS3

Дефекты

CWE-204

CWE-203

Связанные уязвимости

GHSA-gv23-j6x4-4x4x

CVSS3: 5.3

github

больше 1 года назад

IBM Storage Defender - Resiliency Service 2.0.0 through 2.0.4 agent username and password error response discrepancy exposes product to brute force enumeration. IBM X-Force ID: 294869.

EPSS

Процентиль: 31%

0.00121

Низкий

5.3 Medium

CVSS3

7.5 High

CVSS3

Дефекты

CWE-204

CWE-203