CVE-2024-56469

MEDIUM

IBM UrbanCode Deploy/DevOps Deploy <7.3.2.10, <8.1.0.1 - Privilege ...

Title source: llm
STIX 2.1

Description

IBM UrbanCode Deploy (UCD) 7.1 through 7.1.2.22, 7.2 through 7.2.3.15, and 7.3 through 7.3.2.10 / IBM DevOps Deploy 8.0 through 8.0.1.5 and 8.1 through 8.1.0.1 could allow unauthorized access to other services or potential exposure of sensitive data due to missing authentication in its Agent Relay service.

References (1)

Core 1
Core References
Vendor Advisory vendor-advisory patch
https://www.ibm.com/support/pages/node/7229031

Scores

CVSS v3 6.3
EPSS 0.0005
EPSS Percentile 14.5%
Attack Vector ADJACENT_NETWORK
CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L

CISA SSVC

Vulnrichment
Exploitation none
Automatable no
Technical Impact partial

Details

CWE
CWE-306
Status published
Products (3)
ibm/devops_deploy 8.1.0.0
ibm/devops_deploy 8.0.0.0 - 8.0.1.5
ibm/urbancode_deploy 7.1.0.0 - 7.1.2.23
Published Mar 27, 2025
Tracked Since Feb 18, 2026