Cyber Posture

CVE-2024-38325

Medium

Published: 27 January 2025

Modified: 14 August 2025
KEV Added
Patch
CVSS Score: 5.9 (CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N)
EPSS Score: 0.0005 (16.6th percentile)
Risk Priority: 12 (60% EPSS · 20% KEV · 20% CVSS)

Summary

CVE-2024-38325 is a medium-severity Missing Encryption of Sensitive Data (CWE-311) vulnerability in IBM Storage Defender. Its CVSS base score is 5.9 (Medium).

Operationally, it is ranked at the 16.6th percentile by exploit likelihood (below the median), and it is not currently listed in the CISA KEV catalog.

The strongest mitigations our analysis identified are NIST 800-53 SC-13 (Cryptographic Protection) and SC-8 (Transmission Confidentiality and Integrity).

Threat & Defense at a Glance

What defenders deploy: see the NIST 800-53 controls recommended below.

Threat & Defense Details

Mitigating Controls (NIST 800-53 r5)

prevent

Requires protection of the confidentiality of sensitive information transmitted over networks by the defender-sensor-cmd CLI, directly preventing MITM interception via insecure channels.

prevent

Mandates cryptographic mechanisms to prevent unauthorized disclosure of sensitive data in transit, addressing the missing encryption in CLI network requests.

prevent

Ensures timely remediation of the specific software flaw in IBM Storage Defender CLI through patching, eliminating the insecure transmission vulnerability.

NVD Description

IBM Storage Defender 2.0.0 through 2.0.7 on-prem defender-sensor-cmd CLI could allow a remote attacker to obtain sensitive information, caused by sending network requests over an insecure channel. An attacker could exploit this vulnerability to obtain sensitive information using man in the middle techniques.

Deeper analysis

CVE-2024-38325 affects IBM Storage Defender versions 2.0.0 through 2.0.7, specifically the on-prem defender-sensor-cmd CLI component. The vulnerability arises from the CLI sending network requests over an insecure channel, which could allow a remote attacker to obtain sensitive information. It is classified under CWE-311 (Missing Encryption of Sensitive Data) with a CVSS v3.1 base score of 5.9 (AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N), indicating medium severity primarily due to high confidentiality impact.

A remote attacker can exploit this vulnerability without privileges or user interaction, though it demands high attack complexity, likely involving positioning for man-in-the-middle (MITM) techniques on the network path. Successful exploitation enables the attacker to intercept and obtain sensitive information transmitted by the CLI, without impacting integrity or availability.

For mitigation details, refer to the IBM security bulletin at https://www.ibm.com/support/pages/node/7168640, which provides information on patches and remediation steps.

Details

CWE(s)

Affected Products

Vendor: ibm
Product: storage defender
Versions: 2.0.0 — 2.0.8

CVEs Like This One

CVE-2024-56340 (same vendor: IBM)
CVE-2024-43187 (same vendor: IBM)
CVE-2025-0162 (same vendor: IBM)
CVE-2024-28766 (same vendor: IBM)
CVE-2025-14480 (same vendor: IBM)
CVE-2024-25034 (same vendor: IBM)
CVE-2024-39750 (same vendor: IBM)
CVE-2024-49352 (same vendor: IBM)
CVE-2025-3320 (same vendor: IBM)
CVE-2025-13689 (same vendor: IBM)
