CVE-2025-13489

MEDIUM

IBM DevOps Deploy 8.1.0.0-8.1.2.3 - Cleartext Transmission of Sensitive Information

Title source: llm
STIX 2.1

Description

IBM UCD - IBM DevOps Deploy 8.1 through 8.1.2.3 IBM DevOps Deploy transmits data in clear text that could allow an attacker to obtain sensitive information using man in the middle techniques.

References (1)

Core 1
Core References
Vendor Advisory vendor-advisory patch
https://www.ibm.com/support/pages/node/7254662

Scores

CVSS v3 5.9
EPSS 0.0016
EPSS Percentile 5.7%
Attack Vector NETWORK
CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N

CISA SSVC

Vulnrichment
Exploitation none
Automatable no
Technical Impact partial

Details

CWE
CWE-319
Status published
Products (1)
ibm/devops_deploy 8.1.0.0 - 8.1.2.4
Published Dec 15, 2025
Tracked Since Feb 18, 2026