Lucene search
K

192 matches found

CVE
CVE
added 2024/04/12 4:20 p.m.65 views

CVE-2024-22359

CVE-2024-22359 affects IBM UrbanCode Deploy (UCD) and IBM DevOps Deploy. A cross-site scripting vulnerability exists in the Web UI that can allow embedding arbitrary JavaScript to alter functionality and potentially disclose credentials within a trusted session. Affected versions are UCD 7.0–7.0....

6.1CVSS6AI score0.0037EPSS
Exploits0References2Affected Software2
IBM Security Bulletins
IBM Security Bulletins
added 2024/04/11 7:2 p.m.32 views

Security Bulletin: IBM DevOps Deploy / IBM UrbanCode Deploy (UCD) may be susceptible to an Insufficient Session Expiration vulnerability (CVE-2024-22358)

Summary IBM DevOps Deploy / IBM UrbanCode Deploy UCD may not fully invalidate the session after logout which could allow an authenticated user to impersonate another user on the system. Vulnerability Details CVEID:CVE-2024-22358 DESCRIPTION: IBM UrbanCode Deploy UCD does not invalidate session...

8.8CVSS6.2AI score0.00411EPSS
Exploits0Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2024/04/11 7:1 p.m.33 views

Security Bulletin: IBM DevOps Deploy / IBM UrbanCode Deploy (UCD) is susceptible to a machine-in-the-middle vulnerability (CVE-2023-48795)

Summary OpenSSH is vulnerable to a machine-in-the-middle attack, caused by a flaw in the extension negotiation process in the SSH transport protocol when used with certain OpenSSH extensions. A remote attacker could exploit this vulnerability to launch a machine-in-the-middle attack and strip an...

5.9CVSS6.4AI score0.93305EPSS
Exploits4Affected Software1
NVD
NVD
added 2024/02/06 5:15 p.m.30 views

CVE-2024-22331

IBM UrbanCode Deploy UCD 7.0 through 7.0.5.19, 7.1 through 7.1.2.15, 7.2 through 7.2.3.8, 7.3 through 7.3.2.3, and IBM UrbanCode Deploy UCD - IBM DevOps Deploy 8.0.0.0 could disclose sensitive user information when installing the Windows agent. IBM X-Force ID: 279971...

6.2CVSS6.1AI score0.00188EPSS
Exploits0References2
IBM Security Bulletins
IBM Security Bulletins
added 2024/02/05 1:26 p.m.30 views

Security Bulletin: IBM DevOps Deploy / IBM UrbanCode Deploy (UCD) may be vulnerable to sensitive information disclosure (CVE-2024-22331)

Summary IBM DevOps Deploy / IBM UrbanCode Deploy UCD could disclose sensitive user information when installing the Windows agent as a service. Vulnerability Details CVEID:CVE-2024-22331 DESCRIPTION: IBM UrbanCode Deploy UCD could disclose sensitive user information when installing the Windows...

6.2CVSS5.4AI score0.00188EPSS
Exploits0Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2024/02/05 1:26 p.m.47 views

Security Bulletin: IBM DevOps Deploy / IBM UrbanCode Deploy (UCD) may be vulnerable to HTTP request smuggling (CVE-2023-46589)

Summary Due to the use of Apache Tomcat, IBM DevOps Deploy / IBM UrbanCode Deploy UCD is vulnerable to HTTP request smuggling, caused by improper parsing of the HTTP trailer headers. By sending a specially crafted HTTPS trailer header, an attacker could exploit this vulnerability to poison the we...

7.5CVSS7.5AI score0.02651EPSS
Exploits0Affected Software1
OSV
OSV
added 2024/02/03 6:15 a.m.6 views

CVE-2024-23550

HCL DevOps Deploy / HCL Launch UCD could disclose sensitive user information when installing the Windows agent...

5.5CVSS5.7AI score0.00214EPSS
Exploits0References1
NVD
NVD
added 2024/02/03 6:15 a.m.13 views

CVE-2024-23550

HCL DevOps Deploy / HCL Launch UCD could disclose sensitive user information when installing the Windows agent...

6.2CVSS6.2AI score0.00214EPSS
Exploits0References1
Cvelist
Cvelist
added 2024/02/03 5:32 a.m.19 views

CVE-2024-23550 HCL DevOps Deploy / HCL Launch (UCD) may be vulnerable to sensitive information disclosure

HCL DevOps Deploy / HCL Launch UCD could disclose sensitive user information when installing the Windows agent...

6.2CVSS6.4AI score0.00214EPSS
Exploits0References1
CVE
CVE
added 2024/02/03 5:32 a.m.60 views

CVE-2024-23550

CVE-2024-23550 affects HCL DevOps Deploy / HCL Launch (UCD). The Windows agent installer could disclose sensitive user information, with confidentiality impact described as High in the CVSS data. The provided documents do not specify the underlying root cause details or a fixed version. Public so...

6.2CVSS5.3AI score0.00214EPSS
Exploits0References1Affected Software2
Vulnrichment
Vulnrichment
added 2024/02/03 5:32 a.m.8 views

CVE-2024-23550 HCL DevOps Deploy / HCL Launch (UCD) may be vulnerable to sensitive information disclosure

HCL DevOps Deploy / HCL Launch UCD could disclose sensitive user information when installing the Windows agent...

6.2CVSS6.5AI score0.00214EPSS
Exploits0References1
CNNVD
CNNVD
added 2024/02/03 12:0 a.m.4 views

HCL Technologies HCL Launch Security Breach

HCL Technologies HCL Launch is a versatile, enterprise-grade continuous delivery automation software from HCL Technologies, Inc. for handling the most complex deployment processes in DevOps. A security vulnerability exists in HCL DevOps Deploy and HCL Launch UCD that stems from the ability to...

6.2CVSS6.5AI score0.00214EPSS
Exploits0References2
Rows per page
Query Builder