Unrated severityNVD Advisory· Published Apr 12, 2024· Updated Aug 1, 2024
IBM UrbanCode Deploy session fixation
CVE-2024-22358
Description
IBM UrbanCode Deploy (UCD) 7.0 through 7.0.5.20, 7.1 through 7.1.2.16, 7.2 through 7.2.3.9, 7.3 through 7.3.2.4 and IBM DevOps Deploy 8.0 through 8.0.0.1 does not invalidate session after logout which could allow an authenticated user to impersonate another user on the system. IBM X-Force ID: 280896.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
4- Range: <=8.0.0.1
<=7.3.2.4+ 1 more
- (no CPE)range: <=7.3.2.4
- (no CPE)range: 7.0
- IBM/DevOps Deployv5Range: 8.0
Patches
Vulnerability mechanics
References
2- www.ibm.com/support/pages/node/7148109mitrevendor-advisory
- exchange.xforce.ibmcloud.com/vulnerabilities/280896mitrevdb-entry
News mentions
0No linked articles in our index yet.