Vulnerability Details CVE-2024-38324
IBM Storage Defender 2.0.0 through 2.0.7 on-prem defender-sensor-cmd CLI does not validate server name during registration and unregistration operations which could expose sensitive information to an attacker with access to the system.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.001
EPSS Ranking 20.8%
CVSS Severity
CVSS v3 Score 5.9
Products affected by CVE-2024-38324
-
cpe:2.3:a:ibm:storage_defender:2.0.0
-
cpe:2.3:a:ibm:storage_defender:2.0.4