Brute Force Vulnerability in IBM Storage Defender Exposes Product to Enumeration
CVE-2024-38322
5.3MEDIUM
Summary
IBM Storage Defender - Resiliency Service 2.0.0 through 2.0.4 agent username and password error response discrepancy exposes product to brute force enumeration. IBM X-Force ID: 294869.
Affected Version(s)
Storage Defender - Resiliency Service <= 2.0.4
CVSS V3.1
Score:
5.3
Severity:
MEDIUM
Confidentiality:
HIGH
Integrity:
NONE
Availability:
NONE
Attack Complexity:
HIGH
Privileges Required:
LOW
User Interaction:
NONE
Scope:
UNCHANGED
Timeline
Vulnerability published.
Vulnerability Reserved.
Collectors
NVD DatabaseMitre Database