CVE-2024-38325

Medium

Published: 27 January 2025

Published

27 January 2025

Modified

14 August 2025

KEV Added

—

Patch

—

CVSS Score 5.9 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N

EPSS Score 0.0005 16.5th percentile

Risk Priority 12 60% EPSS · 20% KEV · 20% CVSS

Description

IBM Storage Defender 2.0.0 through 2.0.7 on-prem defender-sensor-cmd CLI could allow a remote attacker to obtain sensitive information, caused by sending network requests over an insecure channel. An attacker could exploit this vulnerability to obtain sensitive information using man in the middle techniques.

Security Summary

CVE-2024-38325 affects IBM Storage Defender versions 2.0.0 through 2.0.7, specifically the on-prem defender-sensor-cmd CLI component. The vulnerability arises from the CLI sending network requests over an insecure channel, which could allow a remote attacker to obtain sensitive information. It is classified under CWE-311 (Missing Encryption of Sensitive Data) with a CVSS v3.1 base score of 5.9 (AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N), indicating medium severity primarily due to high confidentiality impact.

A remote attacker with no privileges or user interaction required can exploit this vulnerability, though it demands high attack complexity, likely involving positioning for man-in-the-middle (MITM) techniques on the network path. Successful exploitation enables the attacker to intercept and obtain sensitive information transmitted by the CLI, without impacting integrity or availability.

For mitigation details, refer to the IBM security bulletin at https://www.ibm.com/support/pages/node/7168640, which provides information on patches and remediation steps.

Details

CWE(s): CWE-311

Affected Products

ibm

storage defender

2.0.0 — 2.0.8

References

https://www.ibm.com/support/pages/node/7168640
Vendor Advisory · psirt@us.ibm.com