Описание
IBM Storage Defender 2.0.0 through 2.0.7 on-prem defender-sensor-cmd CLI does not validate server name during registration and unregistration operations which could expose sensitive information to an attacker with access to the system.
Ссылки
- Vendor Advisory
Уязвимые конфигурации
Конфигурация 1Версия от 2.0.0 (включая) до 2.0.8 (исключая)
cpe:2.3:a:ibm:storage_defender:*:*:*:*:*:*:*:*
EPSS
Процентиль: 12%
0.00042
Низкий
5.9 Medium
CVSS3
6.5 Medium
CVSS3
Дефекты
CWE-297
CWE-295
Связанные уязвимости
CVSS3: 5.9
github
больше 1 года назад
IBM Storage Defender 2.0.0 through 2.0.7 on-prem defender-sensor-cmd CLI does not validate server name during registration and unregistration operations which could expose sensitive information to an attacker with access to the system.
EPSS
Процентиль: 12%
0.00042
Низкий
5.9 Medium
CVSS3
6.5 Medium
CVSS3
Дефекты
CWE-297
CWE-295