Missing Authorization in IBM DevOps Deploy and UrbanCode Deploy Products
CVE-2024-54176
4.3MEDIUM
What is CVE-2024-54176?
IBM DevOps Deploy versions 8.0 through 8.0.1.4, 8.1 through 8.1.0.0 and IBM UrbanCode Deploy 7.0 through 7.0.5.25, 7.1 through 7.1.2.21, 7.2 through 7.2.3.14, and 7.3 through 7.3.2 contain a vulnerability that allows authenticated users to gain access to sensitive data belonging to other users. This issue arises from inadequate authorization checks for certain functions within the system. Organizations using these IBM products should take immediate action to secure their environments.
Affected Version(s)
DevOps Deploy 8.0 <= 8.0.1.4
DevOps Deploy 8.1 <= 8.1.0.0
UrbanCode Deploy 7.0 <= 7.0.5.25