Cyber Resilience

CVE-2024-38320

Medium

Published: 27 January 2025

Published
27 January 2025
Modified
18 August 2025
KEV Added
Patch
CVSS Score v3.1 5.9 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N
EPSS Score 0.0006 20.0th percentile
Risk Priority 12 60% EPSS · 20% KEV · 20% CVSS

Summary

CVE-2024-38320 is a medium-severity Use of a Broken or Risky Cryptographic Algorithm (CWE-327) vulnerability in Linux Linux Kernel. Its CVSS base score is 5.9 (Medium).

Operationally, exploitation aligns with the MITRE ATT&CK technique Unsecured Credentials (T1552); ranked at the 20.0th percentile by exploit likelihood (below the median); it is not currently listed in the CISA KEV catalog.

The strongest mitigations our analysis identified are NIST 800-53 SC-13 (Cryptographic Protection) and SC-28 (Protection of Information at Rest).

Deeper analysis

CVE-2024-38320 is a cryptographic weakness (CWE-327) in IBM Storage Protect for Virtual Environments: Data Protection for VMware and Storage Protect Backup-Archive Client, affecting versions 8.1.0.0 through 8.1.23.0. These components use weaker than expected cryptographic algorithms, potentially enabling an attacker to decrypt highly sensitive information. The vulnerability carries a CVSS v3.1 base score of 5.9 (AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N), indicating medium severity primarily due to high confidentiality impact.

An unauthenticated attacker (PR:N) can exploit this over the network (AV:N) without user interaction (UI:N), though it requires high attack complexity (AC:H). Exploitation yields high confidentiality impact (C:H), allowing decryption of sensitive data, with no effects on integrity, availability, or scope change.

IBM has published security bulletins detailing mitigations and patches at https://www.ibm.com/support/pages/node/7173462 and https://www.ibm.com/support/pages/node/7173465. Security practitioners should review these for upgrade instructions to address the weak algorithms.

EU & UK References

Vulnerability details

IBM Storage Protect for Virtual Environments: Data Protection for VMware and Storage Protect Backup-Archive Client 8.1.0.0 through 8.1.23.0 uses weaker than expected cryptographic algorithms that could allow an attacker to decrypt highly sensitive information.

CWE(s)

Related Threats

MITRE ATT&CK Enterprise TechniquesAI

T1552 Unsecured Credentials Credential Access
Adversaries may search compromised systems to find and obtain insecurely stored credentials.
Why these techniques?

Weak crypto (CWE-327) directly enables decryption of protected sensitive data (e.g., credentials or secrets), mapping to unsecured credentials access.

Confidence: MEDIUM · MITRE ATT&CK Enterprise v18.1

CVEs Like This One

CVE-2025-14480Same vendor: Ibm
CVE-2024-43178Same product: Linux Linux Kernel
CVE-2024-41763Same product: Linux Linux Kernel
CVE-2025-13916Same product: Linux Linux Kernel
CVE-2025-68698Shared CWE-327
CVE-2026-30791Same product: Apple Macos
CVE-2026-3598Same product: Apple Macos
CVE-2024-27256Same vendor: Ibm
CVE-2025-14917Same product: Apple Macos
CVE-2025-14915Same product: Apple Macos

Affected Assets

ibm
storage protect for virtual environments
8.1.0.0 — 8.1.24.0
ibm
storage protect
8.1.0.0 — 8.1.24.0

Mitigating Controls

Mitigating Controls (NIST 800-53 r5) AI

prevent

Directly mandates FIPS-validated cryptographic mechanisms to prevent decryption of sensitive information protected by weak algorithms as in CVE-2024-38320.

prevent

Requires timely identification, reporting, and correction of system flaws like CVE-2024-38320 through patching weak cryptographic implementations.

prevent

Implements cryptographic mechanisms to protect confidentiality of sensitive backup data at rest, directly countering weak algorithm vulnerabilities in storage protect software.

References