CyberAlerts is shutting down on June 30th, 2025. Thank you for your support!
CVE-2024-22312: IBM Storage Defender - Resiliency Service information disclosure
4.4
CVSS
Description
IBM Storage Defender - Resiliency Service 2.0 stores user credentials in plain clear text which can be read by a local user. IBM X-Force ID: 278748.
Classification
CVE ID: CVE-2024-22312
CVSS Base Severity: MEDIUM
CVSS Base Score: 4.4
CVSS Vector: CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N
Problem Types
CWE-256 Plaintext Storage of a PasswordAffected Products
Vendor: IBM
Product: Storage Defender - Resiliency Service
Exploit Prediction Scoring System (EPSS)
EPSS Score: 0.01% (probability of being exploited)
EPSS Percentile: 1.24% (scored less or equal to compared to others)
EPSS Date: 2025-06-21 (when was this score calculated)
Stakeholder-Specific Vulnerability Categorization (SSVC)
SSVC Exploitation: none
SSVC Technical Impact: partial
SSVC Automatable: false
References
https://nvd.nist.gov/vuln/detail/CVE-2024-22312https://www.ibm.com/support/pages/node/7115261
https://exchange.xforce.ibmcloud.com/vulnerabilities/278748