Ibm: >> Storage Defender Resiliency Service >> 2.0.9 Security Vulnerabilities
IBM Storage Defender - Resiliency Service 2.0.0 through 2.0.18 could disclose sensitive user credentials in log files.
CVSS Score
6.5
EPSS Score
0.0
Published
2025-12-08
IBM Storage Defender - Resiliency Service 2.0.0 through 2.0.12 uses weaker than expected cryptographic algorithms that could allow an attacker to decrypt highly sensitive information.
CVSS Score
5.9
EPSS Score
0.001
Published
2025-04-16
IBM Storage Defender - Resiliency Service 2.0.0 through 2.0.9 does not properly validate a certificate which could allow an attacker to spoof a trusted entity by interfering in the communication path between the host and client.
CVSS Score
5.9
EPSS Score
0.001
Published
2024-12-18
IBM Storage Defender - Resiliency Service 2.0.0 through 2.0.9
stores user credentials in plain text which can be read by an authenticated user with access to the pod.
CVSS Score
5.7
EPSS Score
0.001
Published
2024-12-18
IBM Storage Defender - Resiliency Service 2.0.0 through 2.0.9
could allow a privileged user to obtain highly sensitive user credentials from secret keys that are stored in clear text.
CVSS Score
4.4
EPSS Score
0.001
Published
2024-12-18