Cryptographic Vulnerability in IBM UrbanCode Deploy Software
CVE-2022-22327

5.9MEDIUM

Key Information:

Vendor: IBM
Status: Urbancode Deploy
Vendor: CVE Published:; 31 March 2022

Summary

IBM UrbanCode Deploy versions 7.0.5, 7.1.0, 7.1.1, and 7.1.2 implement cryptographic algorithms that are weaker than expected. This flaw may enable attackers to decrypt sensitive information, posing a risk to data integrity and confidentiality. Organizations utilizing these versions should review their cryptographic configurations and consider updating to mitigate potential threats. For more information, visit IBM's official support page.

Affected Version(s)

UrbanCode Deploy 7.0.5

UrbanCode Deploy 7.1.0

UrbanCode Deploy 7.1.1

References

https://www.ibm.com/support/pages/node/6568551

x_refsource_CONFIRM

https://exchange.xforce.ibmcloud.com/vulnerabilities/218859

vdb-entryx_refsource_XF

CVSS V3.1

Score:

5.9

Severity:

MEDIUM

Confidentiality:

High

Integrity:

None

Availability:

High

Attack Vector:

Network

Attack Complexity:

High

Privileges Required:

None

User Interaction:

None

Scope:

Unchanged

Timeline

Vulnerability published
Mar 31, 2022
Vulnerability Reserved
Jan 3, 2022