CVE-2024-22312

CWE-256CWE-522Insufficiently Protected Credentials3 documents3 sources
Severity
5.5MEDIUM
EPSS
0.0%
top 96.06%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
2
IBM Storage Defender - Resiliency ServiceIBM Storage Defender Resiliency Service
Timeline
PublishedFeb 10

Description

IBM Storage Defender - Resiliency Service 2.0 stores user credentials in plain clear text which can be read by a local user. IBM X-Force ID: 278748.

CVSS vector

CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:NExploitability: 0.8 | Impact: 3.6

Affected Packages2 packages

Patches

Patch: www.ibm.comPatch: www.ibm.com

🔴Vulnerability Details

2
CVEList
IBM Storage Defender - Resiliency Service information disclosure2024-02-10
GHSA
GHSA-6qjv-w5w3-xfr7: IBM Storage Defender - Resiliency Service 22024-02-10
CVE-2024-22312 (MEDIUM CVSS 5.5) | IBM Storage Defender - Resiliency S | cvebase.io