CVE-2022-22315
First published: Tue Apr 19 2022(Updated: )
IBM UrbanCode Deploy (UCD) 7.2.2.1 could allow an authenticated user with special permissions to obtain elevated privileges due to improper handling of permissions. IBM X-Force ID: 217955.
Credit: psirt@us.ibm.com psirt@us.ibm.com
| Affected Software | Affected Version | How to fix |
|---|---|---|
| IBM UrbanCode Deploy | >=6.2.7.0<6.2.7.15 | |
| IBM UrbanCode Deploy | >=7.0.3.0<7.0.5.10 | |
| IBM UrbanCode Deploy | >=7.1.0.0<7.1.2.6 | |
| IBM UrbanCode Deploy | >=7.2.0.0<7.2.2.1 | |
| IBM UCD - IBM UrbanCode Deploy | <=6.2.7.0 - 6.2.7.14 | |
| IBM UCD - IBM UrbanCode Deploy | <=7.0.3.0 - 7.0.3.3 | |
| IBM UCD - IBM UrbanCode Deploy | <=7.0.4.0 - 7.0.4.2 | |
| IBM UCD - IBM UrbanCode Deploy | <=7.0.5.0 - 7.0.5.9 | |
| IBM UCD - IBM UrbanCode Deploy | <=7.1.0.0 - 7.1.0.2 | |
| IBM UCD - IBM UrbanCode Deploy | <=7.1.1.0 - 7.1.1.2 | |
| IBM UCD - IBM UrbanCode Deploy | <=7.1.2.1 - 7.1.2.5 | |
| IBM UCD - IBM UrbanCode Deploy | <=7.2.0.0 - 7.2.0.2 | |
| IBM UCD - IBM UrbanCode Deploy | <=7.2.1.0 - 7.2.1.2 | |
| IBM UCD - IBM UrbanCode Deploy | <=7.2.2.0 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
Frequently Asked Questions
What is CVE-2022-22315?
CVE-2022-22315 is a vulnerability in IBM UrbanCode Deploy (UCD) that could allow an authenticated user with special permissions to obtain elevated privileges due to improper handling of permissions.
What is the severity of CVE-2022-22315?
CVE-2022-22315 has a severity rating of 8.8 (high).
How does CVE-2022-22315 affect IBM UrbanCode Deploy?
CVE-2022-22315 affects IBM UrbanCode Deploy versions 6.2.7.0 - 6.2.7.14, 7.0.3.0 - 7.0.3.3, 7.0.4.0 - 7.0.4.2, 7.0.5.0 - 7.0.5.9, 7.1.0.0 - 7.1.0.2, 7.1.1.0 - 7.1.1.2, 7.1.2.1 - 7.1.2.5, 7.2.0.0 - 7.2.0.2, and 7.2.2.0.
How can an attacker exploit CVE-2022-22315?
An attacker can exploit CVE-2022-22315 by leveraging their authenticated access with special permissions to elevate their privileges.
Is there a fix for CVE-2022-22315?
Yes, IBM has released a fix for CVE-2022-22315. It is recommended to update to the latest version of IBM UrbanCode Deploy that addresses this vulnerability.
- collector/nvd-api
- collector/nvd-index
- agent/author
- agent/references
- agent/type
- agent/softwarecombine
- agent/first-publish-date
- collector/mitre-cve
- source/MITRE
- agent/remedy
- agent/severity
- agent/last-modified-date
- agent/tags
- agent/event
- agent/description
- collector/ibm-support
- source/IBM
- agent/software-canonical-lookup
- vendor/ibm
- canonical/ibm urbancode deploy
- version/ibm urbancode deploy/6.2.7.0
- version/ibm urbancode deploy/7.0.3.0
- version/ibm urbancode deploy/7.1.0.0
- version/ibm urbancode deploy/7.2.0.0
- canonical/ibm ucd - ibm urbancode deploy
- version/ibm ucd - ibm urbancode deploy/6.2.7.0 - 6.2.7.14
- version/ibm ucd - ibm urbancode deploy/7.0.3.0 - 7.0.3.3
- version/ibm ucd - ibm urbancode deploy/7.0.4.0 - 7.0.4.2
- version/ibm ucd - ibm urbancode deploy/7.0.5.0 - 7.0.5.9
- version/ibm ucd - ibm urbancode deploy/7.1.0.0 - 7.1.0.2
- version/ibm ucd - ibm urbancode deploy/7.1.1.0 - 7.1.1.2
- version/ibm ucd - ibm urbancode deploy/7.1.2.1 - 7.1.2.5
- version/ibm ucd - ibm urbancode deploy/7.2.0.0 - 7.2.0.2
- version/ibm ucd - ibm urbancode deploy/7.2.1.0 - 7.2.1.2
- version/ibm ucd - ibm urbancode deploy/7.2.2.0