← Back

CVE-2024-22339

nvd nist
Published: Apr 12, 2024Modified: Jan 29, 2025

JSON object

Loading...
4.3
Vector
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N
Exploitability: 2.8 / Impact: 1.4
Source: NVD

Description

IBM UrbanCode Deploy (UCD) 7.0 through 7.0.5.20, 7.1 through 7.1.2.16, 7.2 through 7.2.3.9, 7.3 through 7.3.2.4 and IBM DevOps Deploy 8.0 through 8.0.0.1 is vulnerable to a sensitive information due to insufficient obfuscation of sensitive values from some log files. IBM X-Force ID: 279979.

Affected (5)

Ibm
2 products
Devops Deploy
Urbancode Deploy
Configuration A
5 vulnerable
Vulnerable SoftwareAffected Versions
Devops Deploy
From 8.0.0.0 to 8.0.1.0
Ibm
Urbancode Deploy
From 7.0.0.0 to 7.0.5.21
Urbancode Deploy
From 7.1.0.0 to 7.1.2.17
Urbancode Deploy
From 7.2.0.0 to 7.2.3.10
Urbancode Deploy
From 7.3.0.0 to 7.3.2.5

Related CWEs

CWE-532
Insertion of Sensitive Information into Log File
Information written to log files can be of a sensitive nature and give valuable guidance to an attacker or expose sensitive user information.

References (4)

Source: psirt@us.ibm.com
VDB Entry
Source: psirt@us.ibm.com
Vendor Advisory
Source: af854a3a-2127-422b-91ae-364da2661108
VDB Entry
Source: af854a3a-2127-422b-91ae-364da2661108
Vendor Advisory

Timeline

No history available yet.