CVE-2024-38320

  1. Yack CVE
  2. Vulnerabilities (CVE)
  3. CVE-2024-38320

5.9 /10

CVSS v3 : MEDIUM

V3 Legend

Vector :

Exploitability : 2.2 / Impact : 3.6

Attack Vector NETWORK

Attack Complexity HIGH

Privileges Required NONE

User Interaction NONE

Confidentiality Impact HIGH

Integrity Impact NONE

Availability Impact NONE

Scope UNCHANGED

I

BM Storage Protect for Virtual Environments: Data Protection for VMware and Storage Protect Backup-Archive Client 8.1.0.0 through 8.1.23.0 uses weaker than expected cryptographic algorithms that could allow an attacker to decrypt highly sensitive information.

References
Link Resource
https://www.ibm.com/support/pages/node/7173462 Vendor Advisory
https://www.ibm.com/support/pages/node/7173465 Vendor Advisory
Configurations

Configuration 1 (hide)

AND
cpe:2.3:a:ibm:storage_protect_for_virtual_environments:*:*:*:*:*:*:*:*
OR cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*
cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*

Configuration 2 (hide)

AND
cpe:2.3:a:ibm:storage_protect:*:*:*:*:*:*:*:*
OR cpe:2.3:o:apple:macos:-:*:*:*:*:*:*:*
cpe:2.3:o:hp:hp-ux:-:*:*:*:*:*:*:*
cpe:2.3:o:ibm:aix:-:*:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*
cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*
cpe:2.3:o:oracle:solaris:-:*:*:*:*:*:-:*
History

18 Aug 2025, 18:05

Type Values Removed Values Added
CPE cpe:2.3:o:hp:hp-ux:-:*:*:*:*:*:*:*
cpe:2.3:a:ibm:storage_protect:*:*:*:*:*:*:*:*
cpe:2.3:o:oracle:solaris:-:*:*:*:*:*:-:*
cpe:2.3:o:apple:macos:-:*:*:*:*:*:*:*
cpe:2.3:o:ibm:aix:-:*:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*
cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*
cpe:2.3:a:ibm:storage_protect_for_virtual_environments:*:*:*:*:*:*:*:*
References () https://www.ibm.com/support/pages/node/7173462 - () https://www.ibm.com/support/pages/node/7173462 - Vendor Advisory
References () https://www.ibm.com/support/pages/node/7173465 - () https://www.ibm.com/support/pages/node/7173465 - Vendor Advisory
First Time Apple macos
Ibm storage Protect For Virtual Environments
Apple
Microsoft
Linux linux Kernel
Ibm aix
Hp hp-ux
Oracle solaris
Hp
Oracle
Linux
Ibm
Ibm storage Protect
Microsoft windows
Summary
  • (es) IBM Storage Protect for Virtual Environments: Data Protection for VMware y Storage Protect Backup-Archive Client 8.1.0.0 a 8.1.23.0 utilizan algoritmos criptográficos más débiles de lo esperado que podrían permitir a un atacante descifrar información altamente confidencial.

27 Jan 2025, 16:15

Type Values Removed Values Added
New CVE
Information

Published : 2025-01-27 16:15

Updated : 2025-08-18 18:05

NVD link : CVE-2024-38320

Mitre link : CVE-2024-38320

CVE.ORG link : CVE-2024-38320

JSON object : View

Products Affected

microsoft

ibm

apple

oracle

linux

hp

CWE
CWE-327

Use of a Broken or Risky Cryptographic Algorithm