Vulnerabilities > CVE-2022-43877 - Insecure Storage of Sensitive Information vulnerability in IBM Urbancode Deploy

CVSS 5.5 - MEDIUM

Attack vector

LOCAL

Attack complexity

LOW

Privileges required

LOW

Confidentiality impact

HIGH

Integrity impact

NONE

Availability impact

NONE

local

low complexity

ibm

CWE-922

NVD

Published: 2023-05-06

Updated: 2023-05-11

Summary

IBM UrbanCode Deploy (UCD) versions up to 7.3.0.1 could disclose sensitive password information during a manual edit of the agentrelay.properties file. IBM X-Force ID: 240148.

Vulnerable Configurations

Part	Description	Count
Application	Ibm IBM Urbancode Deploy 7.2.0.0 IBM Urbancode Deploy 7.2.0.0.1109832 IBM Urbancode Deploy 7.2.0.1.1114184 IBM Urbancode Deploy 7.2.0.2.1116435 IBM Urbancode Deploy 7.2.1.0.1123293 IBM Urbancode Deploy 7.2.2.1 IBM Urbancode Deploy 7.2.3.1 IBM Urbancode Deploy 7.1.0.0 IBM Urbancode Deploy 7.1.0.0.1058690 IBM Urbancode Deploy 7.1.0.1.1061360 IBM Urbancode Deploy 7.1.0.1.Ifix01.1062130 IBM Urbancode Deploy 7.1.0.2.1063225 IBM Urbancode Deploy 7.1.0.3.1069281 IBM Urbancode Deploy 7.1.1.0 IBM Urbancode Deploy 7.1.1.0.1073118 IBM Urbancode Deploy 7.1.1.1 IBM Urbancode Deploy 7.1.1.1.1074331 IBM Urbancode Deploy 7.1.1.2 IBM Urbancode Deploy 7.1.1.2.1090482 IBM Urbancode Deploy 7.1.2.0.1100493 IBM Urbancode Deploy 7.1.2.1.1104332 IBM Urbancode Deploy 7.1.2.6 IBM Urbancode Deploy 7.0.0.0 IBM Urbancode Deploy 7.0.0.1 IBM Urbancode Deploy 7.0.1.0 IBM Urbancode Deploy 7.0.1.1 IBM Urbancode Deploy 7.0.1.2 IBM Urbancode Deploy 7.0.2.0 IBM Urbancode Deploy 7.0.2.1 IBM Urbancode Deploy 7.0.2.2 IBM Urbancode Deploy 7.0.2.3 IBM Urbancode Deploy 7.0.3.0 IBM Urbancode Deploy 7.0.3.1 IBM Urbancode Deploy 7.0.3.2 IBM Urbancode Deploy 7.0.3.3 IBM Urbancode Deploy 7.0.3.4 IBM Urbancode Deploy 7.0.3.4.1044170 IBM Urbancode Deploy 7.0.4.0 IBM Urbancode Deploy 7.0.4.1 IBM Urbancode Deploy 7.0.4.1.1036185 IBM Urbancode Deploy 7.0.4.2 IBM Urbancode Deploy 7.0.4.2.1038002 IBM Urbancode Deploy 7.0.4.3 IBM Urbancode Deploy 7.0.4.3.1044169 IBM Urbancode Deploy 7.0.5.0 IBM Urbancode Deploy 7.0.5.0.1041488 IBM Urbancode Deploy 7.0.5.1 IBM Urbancode Deploy 7.0.5.1.1044461 IBM Urbancode Deploy 7.0.5.2 IBM Urbancode Deploy 7.0.5.2.1050384 IBM Urbancode Deploy 7.0.5.3 IBM Urbancode Deploy 7.0.5.4 IBM Urbancode Deploy 7.0.5.10 IBM Urbancode Deploy 6.2.0.0 IBM Urbancode Deploy 6.2.0.1 IBM Urbancode Deploy 6.2.0.2 IBM Urbancode Deploy 6.2.0.201 IBM Urbancode Deploy 6.2.1 IBM Urbancode Deploy 6.2.1.0 IBM Urbancode Deploy 6.2.1.1 IBM Urbancode Deploy 6.2.1.2 IBM Urbancode Deploy 6.2.2 IBM Urbancode Deploy 6.2.2.0 IBM Urbancode Deploy 6.2.2.1 IBM Urbancode Deploy 6.2.3 IBM Urbancode Deploy 6.2.3.0 IBM Urbancode Deploy 6.2.3.1 IBM Urbancode Deploy 6.2.4 IBM Urbancode Deploy 6.2.4.0 IBM Urbancode Deploy 6.2.4.1 IBM Urbancode Deploy 6.2.4.2 IBM Urbancode Deploy 6.2.5 IBM Urbancode Deploy 6.2.5.0 IBM Urbancode Deploy 6.2.5.1 IBM Urbancode Deploy 6.2.5.2 IBM Urbancode Deploy 6.2.6 IBM Urbancode Deploy 6.2.6.0 IBM Urbancode Deploy 6.2.6.1 IBM Urbancode Deploy 6.2.7 IBM Urbancode Deploy 6.2.7.0 IBM Urbancode Deploy 6.2.7.2 IBM Urbancode Deploy 6.2.7.3 IBM Urbancode Deploy 6.2.7.4 IBM Urbancode Deploy 6.2.7.5 IBM Urbancode Deploy 6.2.7.6 IBM Urbancode Deploy 6.2.7.7 IBM Urbancode Deploy 6.2.7.9 IBM Urbancode Deploy 6.2.7.15 IBM Urbancode Deploy 7.3.0.0	89

Common Weakness Enumeration (CWE)

CWE-922 - Insecure Storage of Sensitive Information

Summary

Vulnerable Configurations

Common Weakness Enumeration (CWE)

References