Multiple Adobe Products Vulnerabilities
July 16, 2024ICS: Multiple Rockwell Automation FactoryTalk Vulnerabilities
July 16, 2024Multiple Adobe Products Vulnerabilities
July 16, 2024ICS: Multiple Rockwell Automation FactoryTalk Vulnerabilities
July 16, 2024Severity
Medium
Analysis Summary
CVE-2024-35155 CVSS:6.5
IBM MQ Console 9.3 LTS and 9.3 CD could disclose could allow a remote attacker to obtain sensitive information when a detailed technical error message is returned in the browser. This information could be used in further attacks against the system.
CVE-2024-38322 CVSS:5.3
IBM Storage Defender - Resiliency Service 2.0.0 through 2.0.4 agent username and password error response discrepancy exposes product to brute force enumeration.
Impact
- Information Disclosure
Indicators of Compromise
CVE
- CVE-2024-35155
- CVE-2024-38322
Affected Vendors
Affected Products
- IBM MQ 9.3 LTS
- IBM MQ 9.3 CD
- IBM Storage Defender 2.0.0
- IBM Storage Defender 2.0.4
Remediation
Refer to the appropriate IBM Security Advisory for patch, upgrade or suggested workaround information.