CVE-2024-38325

Published Jan 27, 2025

Last updated a month ago

CVSS medium 5.9

Overview

Description: IBM Storage Defender 2.0.0 through 2.0.7 on-prem defender-sensor-cmd CLI could allow a remote attacker to obtain sensitive information, caused by sending network requests over an insecure channel. An attacker could exploit this vulnerability to obtain sensitive information using man in the middle techniques.
Source: psirt@us.ibm.com
NVD status: Received

Risk scores

CVSS 3.1

Type: Primary
Base score: 5.9
Impact score: 3.6
Exploitability score: 2.2
Vector string: CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N
Severity: MEDIUM

Weaknesses

psirt@us.ibm.com: CWE-311

Hype score: Not currently trending

CVE-2024-38325 IBM Storage Defender 2.0.0 through 2.0.7 on-prem defender-sensor-cmd CLI could allow a remote attacker to obtain sensitive information, caused by sending network re… https://t.co/yHFOEwbg7o
@CVEnew
27 Jan 2025
344 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes

References