What is the severity of CVE-2024-22339?

CVE-2024-22339 has been classified as a medium severity vulnerability due to the potential exposure of sensitive information.

How do I fix CVE-2024-22339?

To remediate CVE-2024-22339, upgrade IBM UrbanCode Deploy or IBM DevOps Deploy to a version that is not affected by this vulnerability.

Which versions of IBM UrbanCode Deploy are affected by CVE-2024-22339?

CVE-2024-22339 affects IBM UrbanCode Deploy versions from 7.0 to 7.3.2.4.

Is IBM DevOps Deploy impacted by CVE-2024-22339?

Yes, IBM DevOps Deploy versions from 8.0 to 8.0.0.1 are impacted by CVE-2024-22339.

Vulnerability/
CVE-2024-22339

medium

4.3

CWE

532

11/4/2024

12/4/2024

29/1/2025

CVE-2024-22339: IBM UrbanCode Deploy information disclosure

Q: What type of information is exposed in CVE-2024-22339?

CVE-2024-22339 allows for the exposure of sensitive information due to insufficient obfuscation of sensitive values in certain log files.

First published: Thu Apr 11 2024(Updated: )

IBM UrbanCode Deploy (UCD) 7.0 through 7.0.5.20, 7.1 through 7.1.2.16, 7.2 through 7.2.3.9, 7.3 through 7.3.2.4 and IBM DevOps Deploy 8.0 through 8.0.0.1 is vulnerable to a sensitive information due to insufficient obfuscation of sensitive values from some log files. IBM X-Force ID: 279979.

Credit: psirt@us.ibm.com

Affected Software	Affected Version	How to fix
IBM UCD - IBM UrbanCode Deploy	<=7.0 - 7.0.5.20
IBM UCD - IBM UrbanCode Deploy	<=7.1 - 7.1.2.16
IBM UCD - IBM UrbanCode Deploy	<=7.2 - 7.2.3.9
IBM UCD - IBM UrbanCode Deploy	<=7.3 - 7.3.2.4
IBM UCD - IBM DevOps Deploy	<=8.0 - 8.0.0.1
IBM DevOps Deploy	>=8.0.0.0<8.0.1.0
IBM UrbanCode Deploy	>=7.0.0.0<7.0.5.21
IBM UrbanCode Deploy	>=7.1.0.0<7.1.2.17
IBM UrbanCode Deploy	>=7.2.0.0<7.2.3.10
IBM UrbanCode Deploy	>=7.3.0.0<7.3.2.5

Never miss a vulnerability like this again

Reference Links

Parent vulnerabilities

(Appears in the following advisories)

IBM-7148113

Frequently Asked Questions

What is the severity of CVE-2024-22339?
CVE-2024-22339 has been classified as a medium severity vulnerability due to the potential exposure of sensitive information.
How do I fix CVE-2024-22339?
To remediate CVE-2024-22339, upgrade IBM UrbanCode Deploy or IBM DevOps Deploy to a version that is not affected by this vulnerability.
Which versions of IBM UrbanCode Deploy are affected by CVE-2024-22339?
CVE-2024-22339 affects IBM UrbanCode Deploy versions from 7.0 to 7.3.2.4.
Is IBM DevOps Deploy impacted by CVE-2024-22339?
Yes, IBM DevOps Deploy versions from 8.0 to 8.0.0.1 are impacted by CVE-2024-22339.
What type of information is exposed in CVE-2024-22339?
CVE-2024-22339 allows for the exposure of sensitive information due to insufficient obfuscation of sensitive values in certain log files.

agent/weakness
agent/references
agent/title
agent/type
agent/first-publish-date
agent/description
collector/ibm-support
source/IBM
agent/software-canonical-lookup
agent/author
agent/severity
collector/mitre-cve
source/MITRE
agent/trending
agent/source
agent/tags
agent/last-modified-date
agent/softwarecombine
agent/event
collector/nvd-api
source/NVD
vendor/ibm
canonical/ibm ucd - ibm urbancode deploy
version/ibm ucd - ibm urbancode deploy/7.0 - 7.0.5.20
version/ibm ucd - ibm urbancode deploy/7.1 - 7.1.2.16
version/ibm ucd - ibm urbancode deploy/7.2 - 7.2.3.9
version/ibm ucd - ibm urbancode deploy/7.3 - 7.3.2.4
canonical/ibm ucd - ibm devops deploy
version/ibm ucd - ibm devops deploy/8.0 - 8.0.0.1
canonical/ibm devops deploy
version/ibm devops deploy/8.0.0.0
canonical/ibm urbancode deploy
version/ibm urbancode deploy/7.0.0.0
version/ibm urbancode deploy/7.1.0.0
version/ibm urbancode deploy/7.2.0.0
version/ibm urbancode deploy/7.3.0.0

Frequently Asked Questions

What is the severity of CVE-2024-22339?
CVE-2024-22339 has been classified as a medium severity vulnerability due to the potential exposure of sensitive information.
How do I fix CVE-2024-22339?
To remediate CVE-2024-22339, upgrade IBM UrbanCode Deploy or IBM DevOps Deploy to a version that is not affected by this vulnerability.
Which versions of IBM UrbanCode Deploy are affected by CVE-2024-22339?
CVE-2024-22339 affects IBM UrbanCode Deploy versions from 7.0 to 7.3.2.4.
Is IBM DevOps Deploy impacted by CVE-2024-22339?
Yes, IBM DevOps Deploy versions from 8.0 to 8.0.0.1 are impacted by CVE-2024-22339.
What type of information is exposed in CVE-2024-22339?
CVE-2024-22339 allows for the exposure of sensitive information due to insufficient obfuscation of sensitive values in certain log files.

CVE-2024-22339: IBM UrbanCode Deploy information disclosure

Never miss a vulnerability like this again

Reference Links

Parent vulnerabilities

Frequently Asked Questions

What is the severity of CVE-2024-22339?

How do I fix CVE-2024-22339?

Which versions of IBM UrbanCode Deploy are affected by CVE-2024-22339?

Is IBM DevOps Deploy impacted by CVE-2024-22339?

What type of information is exposed in CVE-2024-22339?

Company

Resources

Contact

Frequently Asked Questions

What is the severity of CVE-2024-22339?

How do I fix CVE-2024-22339?

Which versions of IBM UrbanCode Deploy are affected by CVE-2024-22339?

Is IBM DevOps Deploy impacted by CVE-2024-22339?

What type of information is exposed in CVE-2024-22339?