CVE-2024-54176
published 2025-02-08CVE-2024-54176: IBM DevOps Deploy 8.0 through 8.0.1.4, 8.1 through 8.1.0.0 and IBM UrbanCode Deploy (UCD) 7.0 through 7.0.5.25, 7.1 through 7.1.2.21, 7.2 through 7.2.3.14 and…
medium6.5CVSS 3.1
AVNACLPRLUINSUCHINAN
IBM DevOps Deploy 8.0 through 8.0.1.4, 8.1 through 8.1.0.0 and IBM UrbanCode Deploy (UCD) 7.0 through 7.0.5.25, 7.1 through 7.1.2.21, 7.2 through 7.2.3.14 and 7.3 through 7.3.2 could allow an authenticated user to obtain sensitive information about other users on the system due to missing authorization for a function.
Affected
12 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| ibm | devops_deploy | — | — |
| ibm | devops_deploy | 8.0 – 8.0.1.4 | — |
| ibm | devops_deploy | >= 8.0.0.0 < 8.0.1.5 | 8.0.1.5 |
| ibm | devops_deploy | 8.1 – 8.1.0.0 | — |
| ibm | urbancode_deploy | 7.0 – 7.0.5.25 | — |
| ibm | urbancode_deploy | >= 7.0.0.0 < 7.0.5.26 | 7.0.5.26 |
| ibm | urbancode_deploy | 7.1 – 7.1.2.21 | — |
| ibm | urbancode_deploy | >= 7.1.0.0 < 7.1.2.22 | 7.1.2.22 |
| ibm | urbancode_deploy | 7.2 – 7.2.3.14 | — |
| ibm | urbancode_deploy | >= 7.2.0.0 < 7.2.3.15 | 7.2.3.15 |
| ibm | urbancode_deploy | 7.3 – 7.3.2.9 | — |
| ibm | urbancode_deploy | >= 7.3.0.0 < 7.3.2.10 | 7.3.2.10 |