CVE-2024-38324
published 2024-09-25CVE-2024-38324: IBM Storage Defender 2.0.0 through 2.0.7 on-prem defender-sensor-cmd CLI does not validate server name during registration and unregistration operations which…
medium6.5CVSS 3.1
AVNACLPRLUINSUCHINAN
IBM Storage Defender 2.0.0 through 2.0.7 on-prem defender-sensor-cmd CLI does not validate server name during registration and unregistration operations which could expose sensitive information to an attacker with access to the system.
Affected
2 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| ibm | storage_defender | >= 2.0.0 < 2.0.8 | 2.0.8 |
| ibm | storage_defender_resiliency_service | 2.0.0 – 2.0.7 | — |