PT-2024-21787 · Ibm · Ibm Storage Protect Plus Server
Published
2024-03-21
·
Updated
2025-02-14
·
CVE-2024-27277
CVSS v3.1
6.2
Medium
| Vector | AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N |
Name of the Vulnerable Software and Affected Versions
IBM Storage Protect Plus Server versions 10.1.0 through 10.1.16
Description
The private key for the IBM Storage Protect Plus Server certificate can be disclosed, undermining the security of the certificate. This issue allows for remote exploitation.
Recommendations
For versions 10.1.0 through 10.1.16, upgrade to a version that fixes the private key disclosure issue as soon as possible to prevent remote exploitation.
Fix
Information Disclosure
Found an issue in the description? Have something to add? Feel free to write us 👾
Weakness Enumeration
Related Identifiers
Affected Products
Ibm Storage Protect Plus Server