Unrated severityNVD Advisory· Published Sep 24, 2024· Updated Sep 24, 2024
IBM Storage Defender improper certificate validation
CVE-2024-38324
Description
IBM Storage Defender 2.0.0 through 2.0.7 on-prem defender-sensor-cmd CLI does not validate server name during registration and unregistration operations which could expose sensitive information to an attacker with access to the system.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
2- cpe:2.3:a:ibm:storage_defender_resiliency_service:2.0.0:*:*:*:*:*:*:*Range: 2.0.0
- Range: 2.0.0 - 2.0.7
Patches
Vulnerability mechanics
References
1News mentions
0No linked articles in our index yet.