CVE-2024-56469

Summary

IBM UrbanCode Deploy (UCD) 7.1 through 7.1.2.22, 7.2 through 7.2.3.15, and 7.3 through 7.3.2.10 / IBM DevOps Deploy 8.0 through 8.0.1.5 and 8.1 through 8.1.0.1 could allow unauthorized access to other services or potential exposure of sensitive data due to missing authentication in its Agent Relay service.

Affected Software

VendorProductVersion RangeStatus
IBMUrbanCode Deploy7.1 <= 7.1.2.22affected
IBMUrbanCode Deploy7.2 <= 7.2.3.15affected
IBMUrbanCode Deploy7.3 <= 7.3.2.10affected
IBMDevOps Deploy8.0 <= 8.0.1.5affected
IBMDevOps Deploy8.1 <= 8.1.0.1affected

Weaknesses

  • CWE-306: CWE-306 Missing Authentication for Critical Function

ADP Enrichment

CISA ADP Vulnrichment

  • SSVC:
  • Exploitation: none
    • Automatable: no
    • Technical Impact: partial

References