Lucene search

IbmCVELIST:CVE-2022-22315

HistoryApr 27, 2022 - 5:55 p.m.

CVE-2022-22315

2022-04-2717:55:10

ibm

www.cve.org

ibm

urbancode deploy

permissions

security vulnerability

CVSS3

Attack Vector

NETWORK

Attack Complexity

HIGH

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

LOW

Integrity Impact

LOW

Availability Impact

LOW

CVSS:3.0/AV:N/AC:H/PR:L/UI:N/S:U/C:L/I:L/A:L/E:U/RL:O/RC:C

AI Score

8.2

Confidence

High

EPSS

0.001

Percentile

39.9%

JSON

IBM UrbanCode Deploy (UCD) 7.2.2.1 could allow an authenticated user with special permissions to obtain elevated privileges due to improper handling of permissions. IBM X-Force ID: 217955.

CNA Affected

[
  {
    "product": "UrbanCode Deploy",
    "vendor": "IBM",
    "versions": [
      {
        "status": "affected",
        "version": "6.2.7.0"
      },
      {
        "status": "affected",
        "version": "7.0.3.0"
      },
      {
        "status": "affected",
        "version": "7.0.4.0"
      },
      {
        "status": "affected",
        "version": "7.1.0.0"
      },
      {
        "status": "affected",
        "version": "7.1.1.0"
      },
      {
        "status": "affected",
        "version": "7.1.1.2"
      },
      {
        "status": "affected",
        "version": "7.0.3.3"
      },
      {
        "status": "affected",
        "version": "7.0.4.2"
      },
      {
        "status": "affected",
        "version": "7.0.5.0"
      },
      {
        "status": "affected",
        "version": "7.1.0.2"
      },
      {
        "status": "affected",
        "version": "7.1.2.1"
      },
      {
        "status": "affected",
        "version": "7.2.0.0"
      },
      {
        "status": "affected",
        "version": "7.2.0.2"
      },
      {
        "status": "affected",
        "version": "7.2.1.0"
      },
      {
        "status": "affected",
        "version": "6.2.7.14"
      },
      {
        "status": "affected",
        "version": "7.0.5.9"
      },
      {
        "status": "affected",
        "version": "7.1.2.5"
      },
      {
        "status": "affected",
        "version": "7.2.1.2"
      },
      {
        "status": "affected",
        "version": "7.2.2.0"
      }
    ]
  }
]

References

exchange.xforce.ibmcloud.com/vulnerabilities/217955

www.ibm.com/support/pages/node/6575143