Sensitive Authentication Token Exposure in IBM UrbanCode Deploy and DevOps Deploy
CVE-2025-1998
5.5MEDIUM
What is CVE-2025-1998?
IBM UrbanCode Deploy and DevOps Deploy contain a vulnerability where potentially sensitive authentication token information is retained in log files. This issue allows local users to gain unauthorized access to sensitive data, which could compromise system security. The affected versions include UCD 7.1.2.21, 7.2 through 7.2.3.14, 7.3 through 7.3.2.0, and DevOps Deploy 8.0.1.4 and 8.1. It is crucial for users of these products to review log file management practices and implement appropriate safeguards to protect sensitive information.
Affected Version(s)
DevOps Deploy 8.0 <= 8.0.1.4
DevOps Deploy 8.1
UrbanCode Deploy 7.1 <= 7.1.2.21