Vulnerabilities > IBM > Urbancode Deploy > 7.0.5.4
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2022-12-20 | CVE-2022-46771 | Cross-site Scripting vulnerability in IBM Urbancode Deploy IBM UrbanCode Deploy (UCD) 6.2.0.0 through 6.2.7.18, 7.0.5.0 through 7.0.5.13, 7.1.0.0 through 7.1.2.9, 7.2.0.0 through 7.2.3.2 and 7.3.0.0 is vulnerable to cross-site scripting. | 4.6 |
| 2022-11-17 | CVE-2022-40751 | Insufficiently Protected Credentials vulnerability in IBM Urbancode Deploy IBM UrbanCode Deploy (UCD) 6.2.7.0 through 6.2.7.17, 7.0.0.0 through 7.0.5.12, 7.1.0.0 through 7.1.2.8, and 7.2.0.0 through 7.2.3.1 could allow a user with administrative privileges including "Manage Security" permissions may be able to recover a credential previously saved for performing authenticated LDAP searches. IBM X-Force ID: 236601. | 4.9 |
| 2022-08-01 | CVE-2022-35716 | Incorrect Authorization vulnerability in IBM Urbancode Deploy IBM UrbanCode Deploy (UCD) 6.2.0.0 through 6.2.7.16, 7.0.0.0 through 7.0.5.11, 7.1.0.0 through 7.1.2.7, and 7.2.0.0 through 7.2.3.0 could allow an authenticated user to obtain sensitive information in some instances due to improper security checking. | 6.5 |
| 2022-04-27 | CVE-2022-22315 | Unspecified vulnerability in IBM Urbancode Deploy IBM UrbanCode Deploy (UCD) 7.2.2.1 could allow an authenticated user with special permissions to obtain elevated privileges due to improper handling of permissions. | 8.8 |
| 2022-04-01 | CVE-2022-22327 | Use of a Broken or Risky Cryptographic Algorithm vulnerability in IBM Urbancode Deploy IBM UrbanCode Deploy (UCD) 7.0.5, 7.1.0, 7.1.1, and 7.1.2 uses weaker than expected cryptographic algorithms that could allow an attacker to decrypt highly sensitive information. | 7.5 |
| 2021-03-30 | CVE-2020-4944 | Cleartext Storage of Sensitive Information vulnerability in IBM Urbancode Deploy IBM UrbanCode Deploy (UCD) 7.0.3.0, 7.0.4.0, 7.0.5.3, 7.0.5.4, 7.1.0.0, 7.1.1.0, 7.1.1.1, and 7.1.1.2, stores keystore passwords in plain text after a manual edit, which can be read by a local user. | 5.5 |
| 2021-03-30 | CVE-2020-4884 | Cleartext Storage of Sensitive Information vulnerability in IBM Urbancode Deploy 6.2.7.9/7.0.5.4/7.1.1.1 IBM UrbanCode Deploy (UCD) 6.2.7.9, 7.0.5.4, and 7.1.1.1 stores user credentials in plain in clear text which can be read by a local user. | 5.5 |
| 2021-03-30 | CVE-2020-4848 | Unspecified vulnerability in IBM Urbancode Deploy 6.2.7.9/7.0.5.4/7.1.1.1 IBM UrbanCode Deploy (UCD) 6.2.7.9, 7.0.5.4, and 7.1.1.1 could allow an authenticated user to initiate a plugin or compare process resources that they should not have access to. | 5.4 |