Lucene search
K

2321 matches found

Cvelist
Cvelist
added 2024/04/12 4:51 p.m.21 views

CVE-2024-22339 IBM UrbanCode Deploy information disclosure

IBM UrbanCode Deploy UCD 7.0 through 7.0.5.20, 7.1 through 7.1.2.16, 7.2 through 7.2.3.9, 7.3 through 7.3.2.4 and IBM DevOps Deploy 8.0 through 8.0.0.1 is vulnerable to a sensitive information due to insufficient obfuscation of sensitive values from some log files. IBM X-Force ID: 279979...

4.3CVSS4.5AI score0.00443EPSS
Exploits0References2
Cvelist
Cvelist
added 2024/04/12 4:41 p.m.27 views

CVE-2024-22334 IBM UrbanCode Deploy improper privilege control

IBM UrbanCode Deploy UCD 7.0 through 7.0.5.20, 7.1 through 7.1.2.16, 7.2 through 7.2.3.9, 7.3 through 7.3.2.4 and IBM DevOps Deploy 8.0 through 8.0.0.1 could be vulnerable to incomplete revocation of permissions when deleting a custom security resource type. When deleting a custom security type,...

4.4CVSS4.8AI score0.00436EPSS
Exploits0References2
Vulnrichment
Vulnrichment
added 2024/04/12 4:41 p.m.14 views

CVE-2024-22334 IBM UrbanCode Deploy improper privilege control

IBM UrbanCode Deploy UCD 7.0 through 7.0.5.20, 7.1 through 7.1.2.16, 7.2 through 7.2.3.9, 7.3 through 7.3.2.4 and IBM DevOps Deploy 8.0 through 8.0.0.1 could be vulnerable to incomplete revocation of permissions when deleting a custom security resource type. When deleting a custom security type,...

4.4CVSS6.6AI score0.00436EPSS
Exploits0References2
CVE
CVE
added 2024/04/12 4:41 p.m.68 views

CVE-2024-22334

Summary : CVE-2024-22334 affects IBM UrbanCode Deploy (UCD) and IBM DevOps Deploy, with an incomplete revocation of permissions when deleting a custom security resource type. The issue can cause associated permissions of objects using that type to remain or be misreported, leading to inaccurate p...

4.4CVSS4.6AI score0.00436EPSS
Exploits0References2Affected Software2
Cvelist
Cvelist
added 2024/04/12 4:20 p.m.20 views

CVE-2024-22359 IBM UrbanCode Deploy cross-site scripting

IBM UrbanCode Deploy UCD 7.0 through 7.0.5.20, 7.1 through 7.1.2.16, 7.2 through 7.2.3.9, 7.3 through 7.3.2.4 and IBM DevOps Deploy 8.0 through 8.0.0.1 are vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intend...

6.1CVSS5.9AI score0.0037EPSS
Exploits0References2
Vulnrichment
Vulnrichment
added 2024/04/12 4:20 p.m.18 views

CVE-2024-22359 IBM UrbanCode Deploy cross-site scripting

IBM UrbanCode Deploy UCD 7.0 through 7.0.5.20, 7.1 through 7.1.2.16, 7.2 through 7.2.3.9, 7.3 through 7.3.2.4 and IBM DevOps Deploy 8.0 through 8.0.0.1 are vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intend...

6.1CVSS6.1AI score0.0037EPSS
Exploits0References2
CVE
CVE
added 2024/04/12 4:20 p.m.65 views

CVE-2024-22359

CVE-2024-22359 affects IBM UrbanCode Deploy (UCD) and IBM DevOps Deploy. A cross-site scripting vulnerability exists in the Web UI that can allow embedding arbitrary JavaScript to alter functionality and potentially disclose credentials within a trusted session. Affected versions are UCD 7.0–7.0....

6.1CVSS6AI score0.0037EPSS
Exploits0References2Affected Software2
Positive Technologies
Positive Technologies
added 2024/04/12 12:0 a.m.6 views

PT-2024-19361 · Ibm · Ibm Urbancode Deploy +1

Name of the Vulnerable Software and Affected Versions: IBM UrbanCode Deploy versions 7.0 through 7.0.5.20 IBM UrbanCode Deploy versions 7.1 through 7.1.2.16 IBM UrbanCode Deploy versions 7.2 through 7.2.3.9 IBM UrbanCode Deploy versions 7.3 through 7.3.2.4 IBM DevOps Deploy versions 8.0 through...

6.1CVSS7AI score0.0037EPSS
Exploits0References3
Positive Technologies
Positive Technologies
added 2024/04/12 12:0 a.m.4 views

PT-2024-19360 · Ibm · Ibm Urbancode Deploy +1

Name of the Vulnerable Software and Affected Versions: IBM UrbanCode Deploy versions 7.0 through 7.0.5.20 IBM UrbanCode Deploy versions 7.1 through 7.1.2.16 IBM UrbanCode Deploy versions 7.2 through 7.2.3.9 IBM UrbanCode Deploy versions 7.3 through 7.3.2.4 IBM DevOps Deploy versions 8.0 through...

8.8CVSS6.8AI score0.00411EPSS
Exploits0References3
CNNVD
CNNVD
added 2024/04/12 12:0 a.m.4 views

IBM UrbanCode Deploy 日志信息泄露漏洞

IBM UrbanCode Deploy UCD is a set of application automation deployment tools from International Business Machines IBM. The tool is based on an application deployment automation management information model, and through remote agent technology, to realize the complex application in different...

4.3CVSS6.1AI score0.00443EPSS
Exploits0References3
Positive Technologies
Positive Technologies
added 2024/04/12 12:0 a.m.7 views

PT-2024-19347 · Ibm · Ibm Urbancode Deploy +1

Name of the Vulnerable Software and Affected Versions: IBM UrbanCode Deploy versions 7.0 through 7.0.5.20 IBM UrbanCode Deploy versions 7.1 through 7.1.2.16 IBM UrbanCode Deploy versions 7.2 through 7.2.3.9 IBM UrbanCode Deploy versions 7.3 through 7.3.2.4 IBM DevOps Deploy versions 8.0 through...

4.4CVSS7AI score0.00436EPSS
Exploits0References3
CNNVD
CNNVD
added 2024/04/12 12:0 a.m.4 views

IBM UrbanCode Deploy 安全漏洞

IBM UrbanCode Deploy UCD is a set of application automation deployment tools from International Business Machines IBM. The tool is based on an application deployment automation management information model, and through remote agent technology, to realize the complex application in different...

4.4CVSS6.8AI score0.00436EPSS
Exploits0References3
CNNVD
CNNVD
added 2024/04/12 12:0 a.m.3 views

IBM UrbanCode Deploy 跨站脚本漏洞

IBM UrbanCode Deploy UCD is a set of application automation deployment tools from International Business Machines IBM. The tool is based on an application deployment automation management information model, and through remote agent technology, to realize the complex application in different...

6.1CVSS5.9AI score0.0037EPSS
Exploits0References3
CNNVD
CNNVD
added 2024/04/12 12:0 a.m.3 views

IBM UrbanCode Deploy 代码问题漏洞

IBM UrbanCode Deploy UCD is a set of application automation deployment tools from International Business Machines IBM. The tool is based on an application deployment automation management information model, and through remote agent technology, to realize the complex application in different...

8.8CVSS6.6AI score0.00411EPSS
Exploits0References3
IBM Security Bulletins
IBM Security Bulletins
added 2024/04/11 7:6 p.m.31 views

Security Bulletin: IBM DevOps Deploy / IBM Urbancode Deploy (UCD) is vulnerable to denial of service due to Apache Commons Compress ( CVE-2024-25710, CVE-2024-26308 )

Summary Apache Commons Compress is vulnerable to a denial of service, caused by an infinite loop flaw. Apache Commons Compress is vulnerable to a denial of service, caused by an out of memory error. Vulnerability Details CVEID:CVE-2024-25710 DESCRIPTION: Apache Commons Compress is vulnerable to a...

8.1CVSS6.6AI score0.00898EPSS
Exploits0Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2024/04/11 7:5 p.m.21 views

Security Bulletin: IBM DevOps Deploy / IBM UrbanCode Deploy (UCD) is vulnerable to to a sensitive information disclosure vulnerability (CVE-2024-22339)

Summary IBM DevOps Deploy / IBM UrbanCode Deploy UCD is vulnerable to sensitive information disclosure vulnerability due to insufficient obfuscation of sensitive values. Vulnerability Details CVEID:CVE-2024-22339 DESCRIPTION: IBM UrbanCode Deploy UCD is vulnerable to a sensitive information due t...

4.3CVSS4.1AI score0.00443EPSS
Exploits0Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2024/04/11 7:4 p.m.19 views

Security Bulletin: IBM DevOps Deploy / IBM UrbanCode Deploy (UCD) is susceptible to a incomplete revocation of permissions vulnerability (CVE-2024-22334)

Summary BM DevOps Deploy / IBM UrbanCode Deploy UCD could be vulnerable to incomplete revocation of permissions when deleting a custom security resource type. When deleting a custom security type, associated permissions of objects using that type may not be fully revoked. This could lead to...

4.4CVSS4.6AI score0.00436EPSS
Exploits0Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2024/04/11 7:3 p.m.26 views

Security Bulletin: IBM DevOps Deploy / IBM UrbanCode Deploy (UCD) may be susceptible to a cross-site scripting vulnerability (CVE-2024-22359)

Summary IBM DevOps Deploy / IBM UrbanCode Deploy UCD may be vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session...

6.1CVSS6AI score0.0037EPSS
Exploits0Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2024/04/11 7:2 p.m.32 views

Security Bulletin: IBM DevOps Deploy / IBM UrbanCode Deploy (UCD) may be susceptible to an Insufficient Session Expiration vulnerability (CVE-2024-22358)

Summary IBM DevOps Deploy / IBM UrbanCode Deploy UCD may not fully invalidate the session after logout which could allow an authenticated user to impersonate another user on the system. Vulnerability Details CVEID:CVE-2024-22358 DESCRIPTION: IBM UrbanCode Deploy UCD does not invalidate session...

8.8CVSS6.2AI score0.00411EPSS
Exploits0Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2024/04/11 7:1 p.m.33 views

Security Bulletin: IBM DevOps Deploy / IBM UrbanCode Deploy (UCD) is susceptible to a machine-in-the-middle vulnerability (CVE-2023-48795)

Summary OpenSSH is vulnerable to a machine-in-the-middle attack, caused by a flaw in the extension negotiation process in the SSH transport protocol when used with certain OpenSSH extensions. A remote attacker could exploit this vulnerability to launch a machine-in-the-middle attack and strip an...

5.9CVSS6.4AI score0.93305EPSS
Exploits4Affected Software1
Rows per page
Query Builder