CVE-2024-47119
published 2024-12-18CVE-2024-47119: IBM Storage Defender - Resiliency Service 2.0.0 through 2.0.9 does not properly validate a certificate which could allow an attacker to spoof a trusted entity…
high7.5CVSS 3.1
AVNACLPRNUINSUCHINAN
IBM Storage Defender - Resiliency Service 2.0.0 through 2.0.9 does not properly validate a certificate which could allow an attacker to spoof a trusted entity by interfering in the communication path between the host and client.
Affected
5 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| ibm | storage_defender_resiliency_service | 2.0 – 2.0.9 | — |
| ibm | storage_defender_resiliency_service | 2.0.0 – 2.0.9 | — |
| linux | linux_kernel | >= 0 < 5.4.0-214.234 | 5.4.0-214.234 |
| linux | linux_kernel | >= 0 < 3.13.0-205.256 | 3.13.0-205.256 |
| linux | linux_kernel | >= 0 < 4.4.0-267.301 | 4.4.0-267.301 |
CVSS provenance
nvdv3.17.5HIGHCVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
osv5.5MEDIUM