Lucene search
K

1393 matches found

OSV
OSV
added 2025/02/14 4:15 a.m.5 views

CVE-2024-55904

IBM DevOps Deploy 8.0 through 8.0.1.4, 8.1 through 8.1.0.0 / IBM UrbanCode Deploy 7.0 through 7.0.5.25, 7.1 through 7.1.2.21, 7.2 through 7.2.3.14, and 7.3 through 7.3.2.9 could allow a remote privileged authenticated attacker to execute arbitrary commands on the system by sending specially craft...

7.2CVSS6.1AI score0.00624EPSS
Exploits0References1
NVD
NVD
added 2025/02/14 4:15 a.m.13 views

CVE-2024-55904

IBM DevOps Deploy 8.0 through 8.0.1.4, 8.1 through 8.1.0.0 / IBM UrbanCode Deploy 7.0 through 7.0.5.25, 7.1 through 7.1.2.21, 7.2 through 7.2.3.14, and 7.3 through 7.3.2.9 could allow a remote privileged authenticated attacker to execute arbitrary commands on the system by sending specially craft...

7.2CVSS0.00624EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2025/02/14 3:23 a.m.11 views

CVE-2024-55904 IBM DevOps Deploy / IBM UrbanCode Deploy command injection

IBM DevOps Deploy 8.0 through 8.0.1.4, 8.1 through 8.1.0.0 / IBM UrbanCode Deploy 7.0 through 7.0.5.25, 7.1 through 7.1.2.21, 7.2 through 7.2.3.14, and 7.3 through 7.3.2.9 could allow a remote privileged authenticated attacker to execute arbitrary commands on the system by sending specially craft...

7.2CVSS7.5AI score0.00624EPSS
Exploits0References1
CVE
CVE
added 2025/02/14 3:23 a.m.86 views

CVE-2024-55904

CVE-2024-55904 affects IBM UrbanCode Deploy (UCD) versions 7.0–7.0.5.25, 7.1–7.1.2.21, 7.2–7.2.3.14, 7.3–7.3.2.9 and IBM DevOps Deploy versions 8.0–8.0.1.4, 8.1–8.1.0.0. The vulnerability is a remote, authenticated command injection (CWE-78) allowing an attacker to execute arbitrary commands on t...

7.2CVSS7.2AI score0.00624EPSS
Exploits0References1Affected Software2
Cvelist
Cvelist
added 2025/02/14 3:23 a.m.19 views

CVE-2024-55904 IBM DevOps Deploy / IBM UrbanCode Deploy command injection

IBM DevOps Deploy 8.0 through 8.0.1.4, 8.1 through 8.1.0.0 / IBM UrbanCode Deploy 7.0 through 7.0.5.25, 7.1 through 7.1.2.21, 7.2 through 7.2.3.14, and 7.3 through 7.3.2.9 could allow a remote privileged authenticated attacker to execute arbitrary commands on the system by sending specially craft...

7.2CVSS0.00624EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2025/02/14 12:0 a.m.7 views

PT-2025-6721 · Ibm · Ibm Devops Deploy +1

Name of the Vulnerable Software and Affected Versions: IBM DevOps Deploy versions 8.0 through 8.0.1.4 IBM DevOps Deploy versions 8.1 through 8.1.0.0 IBM UrbanCode Deploy versions 7.0 through 7.0.5.25 IBM UrbanCode Deploy versions 7.1 through 7.1.2.21 IBM UrbanCode Deploy versions 7.2 through...

7.2CVSS7.8AI score0.00624EPSS
Exploits0References6
CNNVD
CNNVD
added 2025/02/14 12:0 a.m.10 views

IBM UrbanCode Deploy和IBM DevOps Deploy 操作系统命令注入漏洞

IBM UrbanCode Deploy IBM UCD and IBM DevOps Deploy are both products of International Business Machines IBM, U.S.A. IBM UrbanCode Deploy is a suite of application automation deployment tools. The tool is based on an application deployment automation management information model, and through remot...

7.2CVSS7.7AI score0.00624EPSS
Exploits0References2
RedhatCVE
RedhatCVE
added 2025/02/10 4:24 p.m.10 views

CVE-2024-54176

IBM DevOps Deploy 8.0 through 8.0.1.4, 8.1 through 8.1.0.0 and IBM UrbanCode Deploy UCD 7.0 through 7.0.5.25, 7.1 through 7.1.2.21, 7.2 through 7.2.3.14 and 7.3 through 7.3.2 could allow an authenticated user to obtain sensitive information about other users on the system due to missing...

6.5CVSS4.2AI score0.00256EPSS
Exploits0References1
NVD
NVD
added 2025/02/08 5:15 p.m.14 views

CVE-2024-54176

IBM DevOps Deploy 8.0 through 8.0.1.4, 8.1 through 8.1.0.0 and IBM UrbanCode Deploy UCD 7.0 through 7.0.5.25, 7.1 through 7.1.2.21, 7.2 through 7.2.3.14 and 7.3 through 7.3.2 could allow an authenticated user to obtain sensitive information about other users on the system due to missing...

6.5CVSS0.00256EPSS
Exploits0References1
OSV
OSV
added 2025/02/08 5:15 p.m.6 views

CVE-2024-54176

IBM DevOps Deploy 8.0 through 8.0.1.4, 8.1 through 8.1.0.0 and IBM UrbanCode Deploy UCD 7.0 through 7.0.5.25, 7.1 through 7.1.2.21, 7.2 through 7.2.3.14 and 7.3 through 7.3.2 could allow an authenticated user to obtain sensitive information about other users on the system due to missing...

6.5CVSS5.8AI score
Exploits0References1
CVE
CVE
added 2025/02/08 4:15 p.m.58 views

CVE-2024-54176

CVE-2024-54176 affects IBM UrbanCode Deploy (UCD) and IBM DevOps Deploy. The vulnerability arises from missing authorization for a function, enabling an authenticated user to obtain sensitive information about other users on the system (CWE-306). Affected are UCD versions 7.0–7.0.5.25, 7.1–7.1.2....

6.5CVSS6AI score0.00256EPSS
Exploits0References1Affected Software2
CNNVD
CNNVD
added 2025/02/08 12:0 a.m.4 views

IBM DevOps Deploy 访问控制错误漏洞

IBM UrbanCode Deploy IBM UCD is a suite of application automation deployment tools from International Business Machines IBM. The tool is based on an application deployment automation management information model, and through remote agent technology, to realize the automation of complex applicatio...

6.5CVSS6.1AI score0.00256EPSS
Exploits0References3
Positive Technologies
Positive Technologies
added 2025/02/08 12:0 a.m.5 views

PT-2025-6023 · Ibm · Ibm Urbancode Deploy +1

Name of the Vulnerable Software and Affected Versions: IBM DevOps Deploy versions 8.0 through 8.0.1.4 IBM DevOps Deploy versions 8.1 through 8.1.0.0 IBM UrbanCode Deploy versions 7.0 through 7.0.5.25 IBM UrbanCode Deploy versions 7.1 through 7.1.2.21 IBM UrbanCode Deploy versions 7.2 through...

6.5CVSS5.8AI score0.00256EPSS
Exploits0References8
IBM Security Bulletins
IBM Security Bulletins
added 2025/02/03 10:48 p.m.39 views

Security Bulletin: Due to the use of VMWare Tanzu Spring Framework, IBM DevOps Build is vulnerable to remote attacker to conduct phising attacks

Summary IBM DevOps Build 7.0.0.2 addresses CVE-2024-22259 by updating spring-web jar.. Vulnerability Details CVEID:CVE-2024-22259 DESCRIPTION: Applications that use UriComponentsBuilder in Spring Framework to parse an externally provided URL e.g. through a query parameter AND perform validation...

8.1CVSS8AI score0.03967EPSS
Exploits1Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2025/01/28 10:8 p.m.22 views

Security Bulletin: IBM DevOps Deploy / IBM UrbanCode Deploy (UCD) is susceptible to Insertion of Sensitive Information into Log File vulnerability (CVE-2024-45091)

Summary IBM DevOps Deploy / IBM UrbanCode Deploy UCD stores potentially sensitive information in log files that could be read by a local user with access to HTTP request logs. Vulnerability Details CVEID:CVE-2024-45091 DESCRIPTION: IBM UrbanCode Deploy UCD stores potentially sensitive information...

6.2CVSS5.6AI score0.00201EPSS
Exploits0Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2025/01/28 10:8 p.m.19 views

Security Bulletin: IBM DevOps Deploy / IBM UrbanCode Deploy (UCD) is vulnerable to HTML injection (CVE-2024-51472)

Summary IBM DevOps Deploy / IBM UrbanCode Deploy UCD is vulnerable to HTML injection. This vulnerability may allow a user to embed arbitrary HTML tags in the Web UI potentially leading to sensitive information disclosure. Vulnerability Details CVEID:CVE-2024-51472 DESCRIPTION: IBM DevOps Deploy /...

3.1CVSS6.4AI score0.00244EPSS
Exploits0Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2025/01/28 10:8 p.m.18 views

Security Bulletin:  IBM DevOps Deploy / IBM UrbanCode Deploy (UCD) is affected by a Denial of Service Vulnerability in Apache Tomcat (CVE-2024-38286)

Summary Apache Tomcat is used by IBM DevOps Deploy / IBM UrbanCode Deploy UCD as part of its web interface. Apache Tomcat is vulnerable to a denial of service, caused by the improper handling of the TLS handshake process under certain configurations. By sending specially crafted requests, a remot...

8.6CVSS6.3AI score0.01702EPSS
Exploits0Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2025/01/28 10:8 p.m.17 views

Security Bulletin: Multiple security vulnerabilities have been identified in IBM WebSphere Application Server shipped with IBM DevOps Code ClearCase (CVE-2024-45073, CVE-2024-45086, CVE-2024-45072, CVE-2024-45085)

Summary IBM WebSphere Application Server WAS is shipped as a component of IBM DevOps Code ClearCase. Information about security vulnerabilities affecting WAS have been published in security bulletins. Vulnerability Details Refer to the security bulletins listed in the Remediation/Fixes section...

7.5CVSS6.9AI score0.00568EPSS
Exploits0Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2025/01/28 10:8 p.m.13 views

Security Bulletin: Multiple security vulnerabilities have been identified in IBM WebSphere Application Server shipped with IBM DevOps Code ClearCase (CVE-2024-45087, CVE-2023-50315)

Summary IBM WebSphere Application Server WAS is shipped as a component of IBM DevOps Code ClearCase. Information about security vulnerabilities affecting WAS have been published in security bulletins. Vulnerability Details Refer to the security bulletins listed in the Remediation/Fixes section...

5.9CVSS5.6AI score0.00268EPSS
Exploits0Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2025/01/28 10:8 p.m.21 views

Security Bulletin: Multiple security vulnerabilities have been identified in IBM WebSphere Application Server shipped with IBM DevOps Code ClearCase (CVE-2024-35154, CVE-2024-45071, CVE-2024-35153)

Summary IBM WebSphere Application Server WAS is shipped as a component of IBM DevOps Code ClearCase. Information about security vulnerabilities affecting WAS have been published in security bulletins. Vulnerability Details Refer to the security bulletins listed in the Remediation/Fixes section...

7.2CVSS7AI score0.01163EPSS
Exploits0Affected Software1
Rows per page
Query Builder