CVE-2025-36360

IBM UrbanCode Deploy (UCD) and IBM DevOps Deploy are affected by a race condition in http-session client-IP binding enforcement that may allow a session to be briefly reused from a new IP before invalidation, potentially enabling unauthorized access under certain network conditions. Affected vers...

CVE-2025-36360 IBM DevOps Deploy / IBM UrbanCode Deploy (UCD) is susceptible to an Insufficient Session Expiration vulnerability

IBM UCD - IBM UrbanCode Deploy 7.1 through 7.1.2.27, 7.2 through 7.2.3.20, and 7.3 through 7.3.2.15 and IBM UCD - IBM DevOps Deploy 8.0 through 8.0.1.10, and 8.1 through 8.1.2.3 is susceptible to a race condition in http-session client-IP binding enforcement which may allow a session to be briefl...

PT-2025-51282

Name of the Vulnerable Software and Affected Versions IBM UrbanCode Deploy versions 7.1 through 7.1.2.27 IBM UrbanCode Deploy versions 7.2 through 7.2.3.20 IBM UrbanCode Deploy versions 7.3 through 7.3.2.15 IBM DevOps Deploy versions 8.0 through 8.0.1.10 IBM DevOps Deploy versions 8.1 through...

IBM UrbanCode Deploy（IBM UCD）和IBM DevOps Deploy 代码问题漏洞

IBM UrbanCode Deploy IBM UCD and IBM DevOps Deploy are both products of International Business Machines IBM.IBM UrbanCode Deploy is a suite of application automation deployment tools. The tool is based on an application deployment automation management information model, and through remote agent...

Security Bulletin: IBM DevOps Deploy / IBM UrbanCode Deploy (UCD) is affected by a Denial Of Service Vulnerability in Apache Tomcat (CVE-2025-52520)

Summary IBM DevOps Deploy / IBM UrbanCode Deploy UCD is affected by a Denial Of Service Vulnerability in Apache Tomcat. This issue affects Apache Tomcat: 11.0.8, 10.1.42, 9.0.106. Vulnerability Details CVEID:CVE-2025-52520 DESCRIPTION: For some unlikely configurations of multipart upload, an...

IBM UrbanCode Deploy（IBM UCD）和IBM DevOps Deploy 安全漏洞

IBM UrbanCode Deploy IBM UCD and IBM DevOps Deploy are both products of International Business Machines IBM.IBM UrbanCode Deploy is a suite of application automation deployment tools. The tool is based on an application deployment automation management information model, and through remote agent...

PT-2025-13208 · Ibm · Ibm Devops Deploy +1

Name of the Vulnerable Software and Affected Versions: IBM UrbanCode Deploy versions 7.1.2.21 and earlier, 7.2 through 7.2.3.14, 7.3 through 7.3.2.0 IBM DevOps Deploy versions 8.0 through 8.0.1.4, 8.1 and earlier Description: The issue concerns the storage of potentially sensitive authentication...

CVE-2024-51472

IBM UrbanCode Deploy UCD 7.2 through 7.2.3.13, 7.3 through 7.3.2.8, and IBM DevOps Deploy 8.0 through 8.0.1.3 are vulnerable to HTML injection. This vulnerability may allow a user to embed arbitrary HTML tags in the Web UI potentially leading to sensitive information disclosure...

IBM UrbanCode Deploy 安全漏洞

IBM UrbanCode Deploy IBM UCD is a suite of application automation deployment tools from International Business Machines IBM. The tool is based on an application deployment automation management information model and uses remote agent technology to automate the deployment of complex applications i...

CVE-2024-28781

IBM UrbanCode Deploy UCD 7.0 through 7.0.5.20, 7.1 through 7.1.2.16, 7.2 through 7.2.3.9, 7.3 through 7.3.2.4, and 8.0 through 8.0.0.1 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality...

PT-2024-22571 · Ibm · Ibm Urbancode Deploy

Name of the Vulnerable Software and Affected Versions: IBM UrbanCode Deploy versions 7.0 through 7.0.5.20 IBM UrbanCode Deploy versions 7.1 through 7.1.2.16 IBM UrbanCode Deploy versions 7.2 through 7.2.3.9 IBM UrbanCode Deploy versions 7.3 through 7.3.2.4 IBM UrbanCode Deploy versions 8.0 throug...

CVE-2024-22358

IBM UrbanCode Deploy UCD 7.0 through 7.0.5.20, 7.1 through 7.1.2.16, 7.2 through 7.2.3.9, 7.3 through 7.3.2.4 and IBM DevOps Deploy 8.0 through 8.0.0.1 does not invalidate session after logout which could allow an authenticated user to impersonate another user on the system. IBM X-Force ID: 28089...

CVE-2024-22334

IBM UrbanCode Deploy UCD 7.0 through 7.0.5.20, 7.1 through 7.1.2.16, 7.2 through 7.2.3.9, 7.3 through 7.3.2.4 and IBM DevOps Deploy 8.0 through 8.0.0.1 could be vulnerable to incomplete revocation of permissions when deleting a custom security resource type. When deleting a custom security type,...

PT-2024-19347 · Ibm · Ibm Urbancode Deploy +1

Name of the Vulnerable Software and Affected Versions: IBM UrbanCode Deploy versions 7.0 through 7.0.5.20 IBM UrbanCode Deploy versions 7.1 through 7.1.2.16 IBM UrbanCode Deploy versions 7.2 through 7.2.3.9 IBM UrbanCode Deploy versions 7.3 through 7.3.2.4 IBM DevOps Deploy versions 8.0 through...

PT-2024-19360 · Ibm · Ibm Urbancode Deploy +1

Name of the Vulnerable Software and Affected Versions: IBM UrbanCode Deploy versions 7.0 through 7.0.5.20 IBM UrbanCode Deploy versions 7.1 through 7.1.2.16 IBM UrbanCode Deploy versions 7.2 through 7.2.3.9 IBM UrbanCode Deploy versions 7.3 through 7.3.2.4 IBM DevOps Deploy versions 8.0 through...

CVE-2024-22331

IBM UrbanCode Deploy UCD 7.0 through 7.0.5.19, 7.1 through 7.1.2.15, 7.2 through 7.2.3.8, 7.3 through 7.3.2.3, and IBM UrbanCode Deploy UCD - IBM DevOps Deploy 8.0.0.0 could disclose sensitive user information when installing the Windows agent. IBM X-Force ID: 279971...

PT-2024-19344 · Ibm +1 · Ibm Urbancode Deploy +1

Name of the Vulnerable Software and Affected Versions: IBM UrbanCode Deploy versions 7.0 through 7.0.5.19 IBM UrbanCode Deploy versions 7.1 through 7.1.2.15 IBM UrbanCode Deploy versions 7.2 through 7.2.3.8 IBM UrbanCode Deploy versions 7.3 through 7.3.2.3 IBM UrbanCode Deploy UCD - IBM DevOps...

PT-2023-29655 · Hcl · Hcl Urbancode Deploy Agent

Name of the Vulnerable Software and Affected Versions: HCL UrbanCode Deploy Agent affected versions not specified Description: The issue concerns a denial of service attack that can be launched by local accounts against an HCL UrbanCode Deploy Agent installed as a Windows service in a non-standar...

CVE-2023-42012

An IBM UrbanCode Deploy Agent 7.2 through 7.2.3.7, and 7.3 through 7.3.2.2 installed as a Windows service in a non-standard location could be subject to a denial of service attack by local accounts. IBM X-Force ID: 265509...

CVE-2023-40376

IBM UrbanCode Deploy UCD 7.1 - 7.1.2.12, 7.2 through 7.2.3.5, and 7.3 through 7.3.2.0 under certain configurations could allow an authenticated user to make changes to environment variables due to improper authentication controls. IBM X-Force ID: 263581...