CVE-2024-22349

Summary

IBM DevOps Velocity 5.0.0 and IBM UrbanCode Velocity 4.0.0 through 4.0. 25 allows web pages to be stored locally which can be read by another user on the system.

Affected Software

VendorProductVersion RangeStatus
IBMUrbanCode Velocity4.0.0 <= 4.0.25affected
IBMDevOps Velocity5.0.0affected

Weaknesses

  • CWE-525: CWE-525 Information Exposure Through Browser Caching

ADP Enrichment

CISA ADP Vulnrichment

  • SSVC:
  • Exploitation: none
    • Automatable: no
    • Technical Impact: partial

References