What is the severity of CVE-2024-22331?

CVE-2024-22331 is classified as a vulnerability that could lead to the disclosure of sensitive user information.

How do I fix CVE-2024-22331?

To fix CVE-2024-22331, upgrade IBM UrbanCode Deploy to the latest versions beyond the affected versions listed.

Which versions are affected by CVE-2024-22331?

CVE-2024-22331 affects IBM UrbanCode Deploy versions 7.0 through 7.0.5.19, 7.1 through 7.1.2.15, 7.2 through 7.2.3.8, 7.3 through 7.3.2.3, and IBM DevOps Deploy version 8.0.0.0.

What could happen if I don't address CVE-2024-22331?

Failure to address CVE-2024-22331 may result in unauthorized access to sensitive user information.

Is there a workaround for CVE-2024-22331?

Currently, the primary mitigation for CVE-2024-22331 is to apply the recommended software updates to the affected versions.

Vulnerability/
CVE-2024-22331

medium

6.2

CWE

200

EPSS

0.043%

5/2/2024

6/2/2024

1/8/2024

CVE-2024-22331: IBM UrbanCode Deploy information disclosure

First published: Mon Feb 05 2024(Updated: )

IBM UrbanCode Deploy (UCD) 7.0 through 7.0.5.19, 7.1 through 7.1.2.15, 7.2 through 7.2.3.8, 7.3 through 7.3.2.3, and IBM UrbanCode Deploy (UCD) - IBM DevOps Deploy 8.0.0.0 could disclose sensitive user information when installing the Windows agent. IBM X-Force ID: 279971.

Credit: psirt@us.ibm.com

Affected Software	Affected Version	How to fix
IBM UCD - IBM UrbanCode Deploy	<=7.0 - 7.0.5.19
IBM UCD - IBM UrbanCode Deploy	<=7.1 - 7.1.2.15
IBM UCD - IBM UrbanCode Deploy	<=7.2 - 7.2.3.8
IBM UCD - IBM UrbanCode Deploy	<=7.3 - 7.3.2.3
IBM UCD - IBM DevOps Deploy	<=8.0.0.0
IBM UrbanCode Deploy	>=7.0.0.0<7.0.5.20
IBM UrbanCode Deploy	>=7.1.0.0<7.1.2.16
IBM UrbanCode Deploy	>=7.2.0.0<7.2.3.9
IBM UrbanCode Deploy	>=7.3.0.0<7.3.2.4
	=8.0.0.0

Never miss a vulnerability like this again

Reference Links

Parent vulnerabilities

(Appears in the following advisories)

IBM-7114131

Frequently Asked Questions

What is the severity of CVE-2024-22331?
CVE-2024-22331 is classified as a vulnerability that could lead to the disclosure of sensitive user information.
How do I fix CVE-2024-22331?
To fix CVE-2024-22331, upgrade IBM UrbanCode Deploy to the latest versions beyond the affected versions listed.
Which versions are affected by CVE-2024-22331?
CVE-2024-22331 affects IBM UrbanCode Deploy versions 7.0 through 7.0.5.19, 7.1 through 7.1.2.15, 7.2 through 7.2.3.8, 7.3 through 7.3.2.3, and IBM DevOps Deploy version 8.0.0.0.
What could happen if I don't address CVE-2024-22331?
Failure to address CVE-2024-22331 may result in unauthorized access to sensitive user information.
Is there a workaround for CVE-2024-22331?
Currently, the primary mitigation for CVE-2024-22331 is to apply the recommended software updates to the affected versions.

agent/title
agent/references
agent/weakness
agent/type
agent/description
agent/first-publish-date
collector/ibm-support
source/IBM
agent/software-canonical-lookup
agent/software-canonical-lookup-request
agent/author
agent/severity
agent/event
collector/nvd-api
source/NVD
agent/softwarecombine
collector/epss-latest
source/FIRST
agent/epss
collector/mitre-cve
source/MITRE
agent/last-modified-date
agent/trending
agent/tags
agent/source
vendor/ibm
canonical/ibm ucd - ibm urbancode deploy
version/ibm ucd - ibm urbancode deploy/7.0 - 7.0.5.19
version/ibm ucd - ibm urbancode deploy/7.1 - 7.1.2.15
version/ibm ucd - ibm urbancode deploy/7.2 - 7.2.3.8
version/ibm ucd - ibm urbancode deploy/7.3 - 7.3.2.3
canonical/ibm ucd - ibm devops deploy
version/ibm ucd - ibm devops deploy/8.0.0.0
canonical/ibm urbancode deploy
version/ibm urbancode deploy/7.0.0.0
version/ibm urbancode deploy/7.1.0.0
version/ibm urbancode deploy/7.2.0.0
version/ibm urbancode deploy/7.3.0.0

Frequently Asked Questions

What is the severity of CVE-2024-22331?
CVE-2024-22331 is classified as a vulnerability that could lead to the disclosure of sensitive user information.
How do I fix CVE-2024-22331?
To fix CVE-2024-22331, upgrade IBM UrbanCode Deploy to the latest versions beyond the affected versions listed.
Which versions are affected by CVE-2024-22331?
CVE-2024-22331 affects IBM UrbanCode Deploy versions 7.0 through 7.0.5.19, 7.1 through 7.1.2.15, 7.2 through 7.2.3.8, 7.3 through 7.3.2.3, and IBM DevOps Deploy version 8.0.0.0.
What could happen if I don't address CVE-2024-22331?
Failure to address CVE-2024-22331 may result in unauthorized access to sensitive user information.
Is there a workaround for CVE-2024-22331?
Currently, the primary mitigation for CVE-2024-22331 is to apply the recommended software updates to the affected versions.

CVE-2024-22331: IBM UrbanCode Deploy information disclosure

Never miss a vulnerability like this again

Reference Links

Parent vulnerabilities

Frequently Asked Questions

What is the severity of CVE-2024-22331?

How do I fix CVE-2024-22331?

Which versions are affected by CVE-2024-22331?

What could happen if I don't address CVE-2024-22331?

Is there a workaround for CVE-2024-22331?

Company

Resources

Contact

Frequently Asked Questions

What is the severity of CVE-2024-22331?

How do I fix CVE-2024-22331?

Which versions are affected by CVE-2024-22331?

What could happen if I don't address CVE-2024-22331?

Is there a workaround for CVE-2024-22331?