Описание
IBM Storage Defender - Resiliency Service 2.0.0 through 2.0.9 does not properly validate a certificate which could allow an attacker to spoof a trusted entity by interfering in the communication path between the host and client.
Ссылки
- Vendor Advisory
Уязвимые конфигурации
Конфигурация 1Версия от 2.0 (включая) до 2.0.9 (включая)
cpe:2.3:a:ibm:storage_defender_resiliency_service:*:*:*:*:*:*:*:*
EPSS
Процентиль: 29%
0.00106
Низкий
5.9 Medium
CVSS3
7.5 High
CVSS3
Дефекты
CWE-295
Связанные уязвимости
CVSS3: 5.9
github
около 1 года назад
IBM Storage Defender - Resiliency Service 2.0.0 through 2.0.9 does not properly validate a certificate which could allow an attacker to spoof a trusted entity by interfering in the communication path between the host and client.
EPSS
Процентиль: 29%
0.00106
Низкий
5.9 Medium
CVSS3
7.5 High
CVSS3
Дефекты
CWE-295