CVE-2022-40751 – IBM UrbanCode Deploy information disclosure
https://notcve.org/view.php?id=CVE-2022-40751
IBM UrbanCode Deploy (UCD) 6.2.7.0 through 6.2.7.17, 7.0.0.0 through 7.0.5.12, 7.1.0.0 through 7.1.2.8, and 7.2.0.0 through 7.2.3.1 could allow a user with administrative privileges including "Manage Security" permissions may be able to recover a credential previously saved for performing authenticated LDAP searches. IBM X-Force ID: 236601. IBM UrbanCode Deploy (UCD) 6.2.7.0 a 6.2.7.17, 7.0.0.0 a 7.0.5.12, 7.1.0.0 a 7.1.2.8 y 7.2.0.0 a 7.2.3.1 podría permitir a un usuario con privilegios administrativos, incluido "Manage Security" Los permisos pueden recuperar una credencial previamente guardada para realizar búsquedas LDAP autenticadas. ID de IBM X-Force: 236601. • https://exchange.xforce.ibmcloud.com/vulnerabilities/236601 https://www.ibm.com/support/pages/node/6831907 • CWE-522: Insufficiently Protected Credentials •
CVE-2022-35716
https://notcve.org/view.php?id=CVE-2022-35716
IBM UrbanCode Deploy (UCD) 6.2.0.0 through 6.2.7.16, 7.0.0.0 through 7.0.5.11, 7.1.0.0 through 7.1.2.7, and 7.2.0.0 through 7.2.3.0 could allow an authenticated user to obtain sensitive information in some instances due to improper security checking. IBM X-Force ID: 231360. IBM UrbanCode Deploy (UCD) versiones 6.2.0.0 hasta 6.2.7.16, 7.0.0 hasta 7.0.5.11, 7.1.0.0 hasta 7.1.2.7 y 7.2.0.0 hasta 7.2.3.0, podrían permitir a un usuario autenticado obtener información confidencial en algunos casos debido a una comprobación de seguridad inapropiada. IBM X-Force ID: 231360 • https://exchange.xforce.ibmcloud.com/vulnerabilities/231360 https://www.ibm.com/support/pages/node/6608584 • CWE-863: Incorrect Authorization •
CVE-2022-22367
https://notcve.org/view.php?id=CVE-2022-22367
IBM UrbanCode Deploy (UCD) 6.2.7.15, 7.0.5.10, 7.1.2.6, and 7.2.2.1 could disclose sensitive database information to a local user in plain text. IBM X-Force ID: 221008. IBM UrbanCode Deploy (UCD) versiones 6.2.7.15, 7.0.5.10, 7.1.2.6 y 7.2.2.1, podría divulgar información confidencial de la base de datos a un usuario local en texto plano. IBM X-Force ID: 221008 • https://exchange.xforce.ibmcloud.com/vulnerabilities/221008 https://www.ibm.com/support/pages/node/6600067 • CWE-312: Cleartext Storage of Sensitive Information •
CVE-2022-22366
https://notcve.org/view.php?id=CVE-2022-22366
IBM UrbanCode Deploy (UCD) 6.2.7.15, 7.0.5.10, 7.1.2.6, and 7.2.2.1 stores user credentials in plain clear text which can be read by a local user. IBM X-Force ID: 22106. IBM UrbanCode Deploy (UCD) versiones 6.2.7.15, 7.0.5.10, 7.1.2.6 y 7.2.2.1, almacena credenciales de usuario en texto sin cifrar que puede leer un usuario local. IBM X-Force ID: 22106 • https://exchange.xforce.ibmcloud.com/vulnerabilities/221006 https://www.ibm.com/support/pages/node/6600065 • CWE-312: Cleartext Storage of Sensitive Information •
CVE-2022-22315
https://notcve.org/view.php?id=CVE-2022-22315
IBM UrbanCode Deploy (UCD) 7.2.2.1 could allow an authenticated user with special permissions to obtain elevated privileges due to improper handling of permissions. IBM X-Force ID: 217955. IBM UrbanCode Deploy (UCD) versión 7.2.2.1, podría permitir a un usuario autenticado con permisos especiales obtener altos privilegios debido a un manejo inapropiado de permisos. IBM X-Force ID: 217955 • https://exchange.xforce.ibmcloud.com/vulnerabilities/217955 https://www.ibm.com/support/pages/node/6575143 •