IBM DevOps Deploy
Moderate fix2 remedies
cpe:2.3:a:ibm:devops_deploy:*:*:*:*:*:*:*
Moderate fix2 remedies
- >= 8.0, <= 8.0.1.4
- >= 8.1, <= 8.1.0.0
IBM DevOps Deploy and UrbanCode Deploy Sensitive Information Disclosure Vulnerability
Vulnerability
Patched
A vulnerability allowing authenticated users to access sensitive information about other users has been identified in IBM DevOps Deploy versions 8.0 prior to 8.0.1.4, 8.1 prior to 8.1.0.0, and in IBM UrbanCode Deploy (UCD) versions 7.0 prior to 7.0.5.25, 7.1 prior to 7.1.2.21, 7.2 prior to 7.2.3.14, and 7.3 prior to 7.3.2.9. This issue arises from missing authorization for a function, which could allow users to obtain sensitive information about other users on the system.
Impact
Exploitation of this vulnerability could lead to unauthorized access to sensitive information about users on the system.
Remediation
Users are advised to upgrade to IBM UrbanCode Deploy versions 7.0.5.26, 7.1.2.22, 7.2.3.15, 7.3.2.10 or to IBM DevOps Deploy versions 8.0.1.5 or 8.1.0.1. Instructions for downloading these updates are available on the IBM Support Fix Central website.
Added: Jun 9, 2025, 7:46 PM
Updated: Jun 9, 2025, 7:46 PM
Vulnerability Rating
Custom Algorithm
spread
0.3impact
2.5exploitability
4.9remediation
7.7relevance
0.0threat
0.0urgency
2.9incentive
1.7Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.