PT-2024-27943 · IBM · IBM Storage Defender - Resiliency Service

Published: 2024-06-28 · Updated: 2024-08-20 · CVE-2024-38322

CVSS v3.1: 7.5 (High)

Vector: AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

Name of the Vulnerable Software and Affected Versions

IBM Storage Defender - Resiliency Service versions 2.0.0 through 2.0.4

Description

The issue is related to an agent username and password error response discrepancy, which exposes the product to brute force enumeration.

Recommendations

For IBM Storage Defender - Resiliency Service versions 2.0.0 through 2.0.4, consider restricting access to the agent username and password functionality to minimize the risk of exploitation. At the moment, there is no information about a newer version that contains a fix for this vulnerability.

Side Channel Attack

Weakness Enumeration

Related Identifiers

CVE-2024-38322

Affected Products

IBM Storage Defender - Resiliency Service