Medium Severity

Security Bulletin: IBM Urbancode Deploy (UCD) vulnerable to information disclosure which can be read by a local user. (CVE-2022-22366)

Share this post:

Diagnostic records may contain values used to perform remote creation of ssh agents.

CVE(s): CVE-2022-22366

Affected product(s) and affected version(s):

Affected Product(s) Version(s)
UCD – IBM UrbanCode Deploy 7.2.2.1
UCD – IBM UrbanCode Deploy 7.1.2.6
UCD – IBM UrbanCode Deploy 7.0.5.10
UCD – IBM UrbanCode Deploy 6.2.7.15

Refer to the following reference URLs for remediation and additional vulnerability details:  
Source Bulletin: https://www.ibm.com/support/pages/node/6600065
X-Force Database: https://exchange.xforce.ibmcloud.com/vulnerabilities/221006

More stories

Security Bulletin: IBM CICS TX Standard is vulnerable to a local user causing a denial of service. (CVE-2022-34308)

October 4, 2022 | Medium Severity

IBM CICS TX Standard could allow a local user to cause a denial of service due to improper load handling. The fix removes this vulnerability (CVE-2022-34308) from IBM CICS TX Standard. ...read more


Security Bulletin: A security vulnerability has been identified in Apache HttpClient shipped with IBM Tivoli Netcool Impact (CVE-2020-13956)

October 4, 2022 | Medium Severity

Apache HttpClient is shipped with IBM Tivoli Netcool Impact to handle HTTP communications. . Information about a security vulnerability affecting Apache HttpClient has been published in a security bulletin. ...read more


Security Bulletin: A vulnerability in Apache WSS4J affects IBM Tivoli Business Service Manager (CVE-2014-3623)

October 4, 2022 | Medium Severity

Apache WSS4J is shipped with IBM Tivoli Business Manager 6.2.0 as part of its web services infrastructure. Information about security vulnerabilities affecting Apache WSS4J has been published in a security bulletin. ...read more