CVSS: 5.3EPSS: 0%CPEs: 1EXPL: 0CVE-2024-38322 – IBM Storage Defender information disclosure
https://notcve.org/view.php?id=CVE-2024-38322
IBM Storage Defender - Resiliency Service 2.0.0 through 2.0.4 agent username and password error response discrepancy exposes product to brute force enumeration. IBM X-Force ID: 294869. IBM Storage Defender - Resiliency Service 2.0.0 a 2.0.4 La discrepancia en la respuesta de error de nombre de usuario y contraseña del agente expone el producto a una enumeración de fuerza bruta. ID de IBM X-Force: 294869. • https://exchange.xforce.ibmcloud.com/vulnerabilities/294869 https://www.ibm.com/support/pages/node/7158446 • CWE-204: Observable Response Discrepancy •
CVSS: 6.5EPSS: 0%CPEs: 1EXPL: 0CVE-2024-25031 – IBM Storage Defender information disclosure
https://notcve.org/view.php?id=CVE-2024-25031
IBM Storage Defender - Resiliency Service 2.0.0 through 2.0.4 uses an inadequate account lockout setting that could allow an attacker on the network to brute force account credentials. IBM X-Force ID: 281678. IBM Storage Defender - Resiliency Service 2.0.0 a 2.0.4 utiliza una configuración de bloqueo de cuenta inadecuada que podría permitir a un atacante en la red utilizar fuerza bruta en las credenciales de la cuenta. ID de IBM X-Force: 281678. • https://exchange.xforce.ibmcloud.com/vulnerabilities/281678 https://www.ibm.com/support/pages/node/7158446 • CWE-307: Improper Restriction of Excessive Authentication Attempts •
CVSS: 6.5EPSS: 0%CPEs: -EXPL: 0CVE-2024-35156 – IBM MQ information disclosure
https://notcve.org/view.php?id=CVE-2024-35156
IBM MQ 9.3 LTS and 9.3 CD could allow a remote attacker to obtain sensitive information when a detailed technical error message is returned in the browser. This information could be used in further attacks against the system. • https://exchange.xforce.ibmcloud.com/vulnerabilities/292766 https://www.ibm.com/support/pages/node/7158058 • CWE-209: Generation of Error Message Containing Sensitive Information •
CVSS: 6.5EPSS: 0%CPEs: -EXPL: 0CVE-2024-35155 – IBM MQ information disclosure
https://notcve.org/view.php?id=CVE-2024-35155
IBM MQ Console 9.3 LTS and 9.3 CD could disclose could allow a remote attacker to obtain sensitive information when a detailed technical error message is returned in the browser. This information could be used in further attacks against the system. • https://exchange.xforce.ibmcloud.com/vulnerabilities/292765 https://www.ibm.com/support/pages/node/7158059 • CWE-209: Generation of Error Message Containing Sensitive Information •
CVSS: 6.2EPSS: 0%CPEs: 1EXPL: 0CVE-2024-35139 – IBM Security Access Manager Docker information disclosure
https://notcve.org/view.php?id=CVE-2024-35139
IBM Security Access Manager Docker 10.0.0.0 through 10.0.7.1 could allow a local user to obtain sensitive information from the container due to incorrect default permissions. • https://exchange.xforce.ibmcloud.com/vulnerabilities/292415 https://www.ibm.com/support/pages/node/7158790 • CWE-276: Incorrect Default Permissions •