CVE-2024-47119

CWE-295Improper Certificate Validation11 documents4 sources
Severity
7.5HIGH
EPSS
0.1%
top 71.30%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
2
IBM Storage Defender - Resiliency ServiceIBM Storage Defender Resiliency Service
Timeline
PublishedDec 18
Latest updateMay 2

Description

IBM Storage Defender - Resiliency Service 2.0.0 through 2.0.9 does not properly validate a certificate which could allow an attacker to spoof a trusted entity by interfering in the communication path between the host and client.

CVSS vector

CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:NExploitability: 2.2 | Impact: 3.6

Affected Packages2 packages

🔴Vulnerability Details

10
OSV
linux-xilinx-zynqmp vulnerabilities2025-05-02
OSV
linux-azure-fips, linux-fips, linux-gcp-fips vulnerabilities2025-04-24
OSV
linux-aws, linux-aws-5.4, linux-gcp-5.4, linux-iot vulnerabilities2025-04-24
OSV
linux-aws-fips vulnerabilities2025-04-24
OSV
linux, linux-azure, linux-azure-5.4, linux-bluefield, linux-gcp, linux-hwe-5.4, linux-ibm, linux-kvm, linux-oracle, linux-oracle-5.4 vulnerabilities2025-04-24
CVE-2024-47119 (HIGH CVSS 7.5) | IBM Storage Defender - Resiliency S | cvebase.io