cve,link,title,description,vendor,products,score,severity,epss,cisa,cisa_published,article,ransomware,exploited,exploited_date,poc,trended,trended_no_1,trended_no_1_date,published,trended_score CVE-2024-22358,https://securityvulnerability.io/vulnerability/CVE-2024-22358,IBM UrbanCode Deploy Vulnerability: Impersonation of Another User After Logout,"IBM UrbanCode Deploy and IBM DevOps Deploy exhibit a vulnerability wherein sessions are not properly invalidated after user logout. This oversight allows an authenticated user to potentially impersonate another user, compromising the security and integrity of the system. Administrators should ensure appropriate session handling practices to mitigate this issue.",IBM,"Urbancode Deploy,Devops Deploy",8.8,HIGH,0.0004900000058114529,false,,false,false,false,,,false,false,,2024-04-12T16:53:43.381Z,0 CVE-2024-22339,https://securityvulnerability.io/vulnerability/CVE-2024-22339,IBM UrbanCode Deploy Vulnerable to Sensitive Information Disclosure,"IBM UrbanCode Deploy (UCD) 7.0 through 7.0.5.20, 7.1 through 7.1.2.16, 7.2 through 7.2.3.9, 7.3 through 7.3.2.4 and IBM DevOps Deploy 8.0 through 8.0.0.1 is vulnerable to a sensitive information due to insufficient obfuscation of sensitive values from some log files. IBM X-Force ID: 279979.",IBM,"Urbancode Deploy,Devops Deploy",4.3,MEDIUM,0.0004400000034365803,false,,false,false,false,,,false,false,,2024-04-12T16:51:39.984Z,0 CVE-2024-22334,https://securityvulnerability.io/vulnerability/CVE-2024-22334,Incomplete Revocation of Permissions Vulnerability Affects IBM UrbanCode Deploy and DevOps Deploy,"IBM UrbanCode Deploy (UCD) 7.0 through 7.0.5.20, 7.1 through 7.1.2.16, 7.2 through 7.2.3.9, 7.3 through 7.3.2.4 and IBM DevOps Deploy 8.0 through 8.0.0.1 could be vulnerable to incomplete revocation of permissions when deleting a custom security resource type. When deleting a custom security type, associated permissions of objects using that type may not be fully revoked. This could lead to incorrect reporting of permission configuration and unexpected privileges being retained. IBM X-Force ID: 279974.",IBM,"Urbancode Deploy,Devops Deploy",4.4,MEDIUM,0.0004400000034365803,false,,false,false,false,,,false,false,,2024-04-12T16:41:15.797Z,0 CVE-2024-22359,https://securityvulnerability.io/vulnerability/CVE-2024-22359,IBM UrbanCode Deploy vulnerable to Cross-Site Scripting,"IBM UrbanCode Deploy (UCD) 7.0 through 7.0.5.20, 7.1 through 7.1.2.16, 7.2 through 7.2.3.9, 7.3 through 7.3.2.4 and IBM DevOps Deploy 8.0 through 8.0.0.1 are vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 280897.",IBM,"Urbancode Deploy,Devops Deploy",6.1,MEDIUM,0.0004600000102072954,false,,false,false,false,,,false,false,,2024-04-12T16:20:38.337Z,0 CVE-2024-22331,https://securityvulnerability.io/vulnerability/CVE-2024-22331,IBM UrbanCode Deploy Vulnerability Could Disclose Sensitive User Information,"IBM UrbanCode Deploy (UCD) 7.0 through 7.0.5.19, 7.1 through 7.1.2.15, 7.2 through 7.2.3.8, 7.3 through 7.3.2.3, and IBM UrbanCode Deploy (UCD) - IBM DevOps Deploy 8.0.0.0 could disclose sensitive user information when installing the Windows agent. IBM X-Force ID: 279971.",IBM,"UrbanCode Deploy ,DevOps Deploy",5.5,MEDIUM,0.0004299999854993075,false,,false,false,false,,,false,false,,2024-02-06T16:15:57.695Z,0