CVE-2024-56469

Published: Mar 27, 2025Modified: Aug 14, 2025

6.3

Vector

CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L

Exploitability: 2.8 / Impact: 3.4

Source: psirt@us.ibm.com (Secondary)

Description

IBM UrbanCode Deploy (UCD) 7.1 through 7.1.2.22, 7.2 through 7.2.3.15, and 7.3 through 7.3.2.10 / IBM DevOps Deploy 8.0 through 8.0.1.5 and 8.1 through 8.1.0.1 could allow unauthorized access to other services or potential exposure of sensitive data due to missing authentication in its Agent Relay service.

Affected (5)

Products: Ibm: Devops Deploy, Urbancode Deploy

Ibm

2 products

Devops Deploy

Urbancode Deploy

Configuration A

5 vulnerable

Vulnerable Software	Affected Versions
Ibm Devops Deploy	From 8.0.0.0 to 8.0.1.5
Ibm Devops Deploy	Version 8.1.0.0
Ibm Urbancode Deploy	From 7.1.0.0 to 7.1.2.23
Ibm Urbancode Deploy	From 7.2.0.0 to 7.2.3.16
Ibm Urbancode Deploy	From 7.3.0.0 to 7.3.2.11

Related CWEs

CWE-306

Missing Authentication for Critical Function

The product does not perform any authentication for functionality that requires a provable user identity or consumes a significant amount of resources.

References (1)

https://www.ibm.com/support/pages/node/7229031

Source: psirt@us.ibm.com

Vendor Advisory

Timeline

No history available yet.