CVSS: 6.2EPSS: 0%CPEs: 1EXPL: 0CVE-2024-27277 – IBM Storage Protect Plus Server information disclosure
https://notcve.org/view.php?id=CVE-2024-27277
21 Mar 2024 — The private key for the IBM Storage Protect Plus Server 10.1.0 through 10.1.16 certificate can be disclosed, undermining the security of the certificate. IBM X-Force ID: 285205. La clave privada del certificado IBM Storage Protect Plus Server 10.1.0 a 10.1.16 se puede divulgar, lo que socava la seguridad del certificado. ID de IBM X-Force: 285205. • https://exchange.xforce.ibmcloud.com/vulnerabilities/285205 • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •
CVSS: 4.3EPSS: 0%CPEs: 1EXPL: 0CVE-2023-47715 – IBM Storage Protect Plus Server improper access control
https://notcve.org/view.php?id=CVE-2023-47715
21 Mar 2024 — IBM Storage Protect Plus Server 10.1.0 through 10.1.16 could allow an authenticated user with read-only permissions to add or delete entries from an existing HyperVisor configuration. IBM X-Force ID: 271538. IBM Storage Protect Plus Server 10.1.0 a 10.1.16 podría permitir que un usuario autenticado con permisos de solo lectura agregue o elimine entradas de una configuración de HyperVisor existente. ID de IBM X-Force: 271538. • https://exchange.xforce.ibmcloud.com/vulnerabilities/271538 • CWE-269: Improper Privilege Management •