IBM UrbanCode Deploy and IBM DevOps Deploy Sensitive Authentication Token Logging Vulnerability

Vulnerability

A vulnerability exists in IBM UrbanCode Deploy (UCD) versions through 7.1.2.21, 7.2 through 7.2.3.14, and 7.3 through 7.3.2.0, as well as in IBM DevOps Deploy versions 8.0 through 8.0.1.4 and 8.1 through 8.1. This vulnerability involves the improper logging of potentially sensitive authentication token information, which could be accessed by a local user.

Impact

Exploitation of this vulnerability could lead to unauthorized access to sensitive authentication tokens, which could be misused to gain access to restricted areas or functionalities within the application.

Added: Jun 9, 2025, 7:46 PM

Updated: Jun 9, 2025, 7:46 PM

Vulnerability Rating

Custom Algorithm

spread

0.3

impact

2.5

exploitability

3.5

remediation

0.0

relevance

0.0

threat

0.0

urgency

2.9

incentive

1.7

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

IBM UrbanCode Deploy and IBM DevOps Deploy Sensitive Authentication Token Logging Vulnerability

Vulnerability

Impact

Affected Products

IBM UrbanCode Deploy

IBM DevOps Deploy

CVSS Scores

References

Vulnerability Rating

Vulnerability Rating