Information Disclosure in IBM UrbanCode Deploy Affects Numerous Versions
CVE-2022-22367

4MEDIUM

Key Information:

Vendor: IBM
Status: Urbancode Deploy
Vendor: CVE Published:; 30 June 2022

What is CVE-2022-22367?

IBM UrbanCode Deploy versions 6.2.7.15, 7.0.5.10, 7.1.2.6, and 7.2.2.1 are vulnerable to an information disclosure issue that allows a local user to gain access to sensitive database information in plain text. This vulnerability highlights the importance of securing access controls to prevent unauthorized access to sensitive data. Mitigating this issue is crucial for maintaining the integrity and confidentiality of your systems.

Affected Version(s)

UrbanCode Deploy 6.2.7.15

UrbanCode Deploy 7.0.5.10

UrbanCode Deploy 7.1.2.6

References

https://www.ibm.com/support/pages/node/6600067

x_refsource_CONFIRM

https://exchange.xforce.ibmcloud.com/vulnerabilities/221008

vdb-entryx_refsource_XF

CVSS V3.1

Score:

Severity:

MEDIUM

Confidentiality:

Low

Integrity:

None

Availability:

Low

Attack Vector:

Local

Attack Complexity:

Low

Privileges Required:

None

User Interaction:

None

Scope:

Unchanged

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Jun 30, 2022
Vulnerability Reserved
Jan 3, 2022