#VU94819 Improper Authorization in Storage Protect for Virtual Environments: Data Protection for VMware - CVE-2024-38329


Vulnerability identifier: #VU94819

Vulnerability risk: Low

CVSSv4.0: 4.9 [CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2024-38329

CWE-ID: CWE-285

Exploitation vector: Network

Exploit availability: No

Vulnerable software:
Storage Protect for Virtual Environments: Data Protection for VMware
Other software / Other software solutions

Vendor: IBM Corporation

Description

The vulnerability allows a remote user to bypass security restrictions.

The vulnerability exists due to improper validation of user permissions. A remote user can send a specially crafted request and exploit this vulnerability to change settings, trigger backups, restore backups, and also delete all previous backups via log rotation.

Mitigation
Install updates from the vendor's website.

Vulnerable software versions

Storage Protect for Virtual Environments: Data Protection for VMware: before 8.1.23.0


External links
https://www.ibm.com/support/pages/node/7157929
https://exchange.xforce.ibmcloud.com/vulnerabilities/294994


Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote authenticated user via the Internet.

Is there known malware that exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

