CVE-2024-52361

Name of the Vulnerable Software and Affected Versions IBM Storage Defender - Resiliency Service versions 2.0.0 through 2.0.9

Description The issue concerns the storage of user credentials in plain text, which can be accessed by an authenticated user with access to the pod. This allows potentially sensitive information to be read by individuals who should not have access to it.

Recommendations For versions 2.0.0 through 2.0.9, consider restricting access to the pod to minimize the risk of exploitation until a fix is available. As a temporary workaround, limit the privileges of authenticated users to reduce the potential impact of this issue. At the moment, there is no information about a newer version that contains a fix for this vulnerability.