漏洞描述
IBM Storage Defender是美国国际商业机器(IBM)公司的一种提供端到端数据弹性的解决方案。 IBM Storage Defender 2.0.0至2.0.9版本存在信任管理问题漏洞,该漏洞源于弹性服务未正确验证证书,攻击者可以通过干扰主机和客户端之间的通信路径来欺骗受信任的实体。
IBM Storage Defender 信任管理问题漏洞
PoC代码
暂无相关漏洞推荐
- (CVE-2025-0011)AMD Crash Defender敏感信息泄露漏洞
- (CVE-2025-0009)AMD Crash Defender空指针解引用漏洞
- ibm-storage-default-password: IBM Storage Management Default Login
- POC CVE-2010-1858: Joomla! Component SMEStorage - Local File Inclusion
- POC CVE-2020-8982: Citrix ShareFile StorageZones <=5.10.x - Arbitrary File Read
- POC CVE-2021-37216: QSAN Storage Manager <3.3.3 - Cross-Site Scripting
- POC CVE-2023-24489: Citrix ShareFile StorageZones Controller - Unauthenticated Remote Code Execution
- POC CVE-2023-5089: Defender Security < 4.1.0 - Protection Bypass (Hidden Login Page)
- POC CVE-2024-3272: D-Link Network Attached Storage - Backdoor Account
- POC CVE-2024-3273: D-Link Network Attached Storage - Command Injection and Backdoor Account
- POC rds-instance-autoscaling-disabled: RDS Instance Storage AutoScaling - Disabled
- POC azure-storage-account-delete-unalerted: Azure Storage Account Delete Alert Not Configured
- POC azure-storage-account-update-unalerted: Azure Storage Account Create/Update Alert Not Configured