CVE-2024-38320

Published: Jan 27, 2025Modified: Aug 18, 2025

7.5

Vector

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

Exploitability: 3.9 / Impact: 3.6

Source: NVD

Description

IBM Storage Protect for Virtual Environments: Data Protection for VMware and Storage Protect Backup-Archive Client 8.1.0.0 through 8.1.23.0 uses weaker than expected cryptographic algorithms that could allow an attacker to decrypt highly sensitive information.

Affected (2)

Products: Ibm: Storage Protect For Virtual Environments, Storage Protect

2 products

Storage Protect For Virtual Environments

Storage Protect

Configuration A

1 vulnerable

Vulnerable Software	Affected Versions
Ibm Storage Protect For Virtual Environments	From 8.1.0.0 to 8.1.24.0

Configuration B

1 vulnerable · 6 platform

Vulnerable Software	Affected Versions
Ibm Storage Protect	From 8.1.0.0 to 8.1.24.0

Running on/with	Platform Versions
Apple Macos	All versions
Hp Hp Ux	All versions
Ibm Aix	All versions
Linux Linux Kernel	All versions
Microsoft Windows	All versions
Oracle Solaris	All versions

Related CWEs

Use of a Broken or Risky Cryptographic Algorithm

The product uses a broken or risky cryptographic algorithm or protocol.

References (2)

https://www.ibm.com/support/pages/node/7173462

Source: psirt@us.ibm.com

Vendor Advisory

https://www.ibm.com/support/pages/node/7173465

Source: psirt@us.ibm.com

Vendor Advisory

Timeline

No history available yet.