← Back

CVE-2022-40751

nvd nist
Published: Nov 17, 2022Modified: Nov 21, 2024

JSON object

Loading...
4.9
Vector
CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N
Exploitability: 1.2 / Impact: 3.6
Source: NVD

Description

IBM UrbanCode Deploy (UCD) 6.2.7.0 through 6.2.7.17, 7.0.0.0 through 7.0.5.12, 7.1.0.0 through 7.1.2.8, and 7.2.0.0 through 7.2.3.1 could allow a user with administrative privileges including "Manage Security" permissions may be able to recover a credential previously saved for performing authenticated LDAP searches.  IBM X-Force ID:   236601.

Affected (4)

Ibm
1 product
Urbancode Deploy
Configuration A
4 vulnerable
Vulnerable SoftwareAffected Versions
Ibm
Urbancode Deploy
From 6.2.7.0 to 6.2.7.18
Urbancode Deploy
From 7.0.0.0 to 7.0.5.13
Urbancode Deploy
From 7.1.0.0 to 7.1.2.9
Urbancode Deploy
From 7.2.0.0 to 7.2.3.2

Related CWEs

CWE-522
Insufficiently Protected Credentials
The product transmits or stores authentication credentials, but it uses an insecure method that is susceptible to unauthorized interception and/or retrieval.

References (4)

Source: psirt@us.ibm.com
VDB EntryVendor Advisory
Source: psirt@us.ibm.com
PatchVendor Advisory
Source: af854a3a-2127-422b-91ae-364da2661108
VDB EntryVendor Advisory
Source: af854a3a-2127-422b-91ae-364da2661108
PatchVendor Advisory

Timeline

No history available yet.