Remote Command Execution Vulnerability in IBM DevOps Deploy and UrbanCode Deploy
CVE-2024-55904
7.2HIGH
Summary
The identified vulnerability in IBM DevOps Deploy and UrbanCode Deploy products allows a remote authenticated attacker to execute arbitrary commands. This is achieved by sending specially crafted input containing particular elements, which could compromise the integrity of the affected systems. Users must promptly apply available updates to mitigate this risk and ensure their environments remain secure.
Affected Version(s)
DevOps Deploy 8.0 <= 8.0.1.4
DevOps Deploy 8.1 <= 8.1.0.0
UrbanCode Deploy 7.0 <= 7.0.5.25
References
CVSS V3.1
Score:
7.2
Severity:
HIGH
Confidentiality:
High
Integrity:
High
Availability:
High
Attack Vector:
Network
Attack Complexity:
Low
Privileges Required:
High
User Interaction:
None
Scope:
Unchanged
Timeline
Vulnerability published
Vulnerability Reserved