Primary

Context

IBM UrbanCode Deploy Sensitive Information Logging Vulnerability

Vulnerability

Patched

A vulnerability exists in IBM UrbanCode Deploy (UCD) versions 7.0 through 7.0.5.24, 7.1 through 7.1.2.10, and 7.2 through 7.2.3.13. The issue involves the improper logging of potentially sensitive information in a manner that could be accessed by a local user with permission to read HTTP request logs.

Impact

This vulnerability could lead to the unauthorized disclosure of sensitive information.

Remediation

Users are advised to upgrade to version 7.0.5.25, 7.1.2.21, 7.2.3.14 or later.

Added: Jun 9, 2025, 7:46 PM

Updated: Jun 9, 2025, 7:46 PM

Vulnerability Rating

Custom Algorithm

spread

0.3

impact

2.5

exploitability

3.5

remediation

7.7

relevance

0.0

threat

0.0

urgency

2.9

incentive

1.7

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Vulnerability Rating

Custom Algorithm

spread

0.3

impact

2.5

exploitability

3.5

remediation

7.7

relevance

0.0

threat

0.0

urgency

2.9

incentive

1.7

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

IBM UrbanCode Deploy Sensitive Information Logging Vulnerability

Vulnerability

Impact

Remediation

Affected Products

IBM UrbanCode Deploy

CVSS Scores

References

Vulnerability Rating

Vulnerability Rating