CVE-2025-14148 IBM DevOps Deploy is susceptible to a Insufficiently Protected Credentials vulnerability

IBM UCD - IBM DevOps Deploy 8.1 through 8.1.2.3 could allow an authenticated user with LLM integration configuration privileges to recover a previously saved LLM API Token...

CVE-2025-14148

CVE-2025-14148 affects IBM UCD - IBM DevOps Deploy versions 8.1 through 8.1.2.3. An authenticated user with LLM integration configuration privileges can recover a previously saved LLM API Token, exposing credentials. Root cause identified as insufficiently protected credentials (CWE-522). CVSSv3....

PT-2025-51280

Name of the Vulnerable Software and Affected Versions IBM DevOps Deploy versions 8.1 through 8.1.2.3 Description An authenticated user with LLM integration configuration privileges may be able to recover a previously saved LLM API Token. Recommendations Update to a version later than 8.1.2.3...

Security Bulletin: IBM DevOps Deploy is susceptible to a Insufficiently Protected Credentials vulnerability (CVE-2025-14148)

Summary IBM DevOps Deploy could allow an authenticated user with LLM integration configuration privileges to recover a previously saved LLM API Token. CVE-2025-14148 Vulnerability Details CVEID:CVE-2025-14148 DESCRIPTION: IBM DevOps Deploy could allow an authenticated user with LLM integration...