CVE-2022-43877

Summary

IBM UrbanCode Deploy (UCD) versions up to 7.3.0.1 could disclose sensitive password information during a manual edit of the agentrelay.properties file. IBM X-Force ID: 240148.

Affected Software

VendorProductVersion RangeStatus
IBMUrbanCode Deploy6.2 <= 6.2.7.19affected
IBMUrbanCode Deploy7.0 <= 7.0.5.14affected
IBMUrbanCode Deploy7.1 <= 7.1.2.10affected
IBMUrbanCode Deploy7.2 <= 7.2.3.3affected
IBMUrbanCode Deploy7.3 <= 7.3.0.1affected

Weaknesses

  • 256 Plaintext Storage of a Password

ADP Enrichment

CVE Program Container

Additional References

CISA ADP Vulnrichment

  • SSVC:
  • Exploitation: none
    • Automatable: no
    • Technical Impact: partial

References