IBM UCD - IBM UrbanCode Deploy 7.3 through 7.3.2.18 and IBM UCD - IBM DevOps Deploy 8.0 through 8.0.1.13, 8.1 through 8.1.2.6, and 8.2 through 8.2.1.0 IBM DevOps Deploy could disclose sensitive configurations and secrets to authenticated users in API responses that could be used in further attacks against the system.
The code transmits data to another actor, but a portion of the data includes sensitive information that should not be accessible to that actor.
| Name | Vendor | Start Version | End Version |
|---|---|---|---|
| Devops_deploy | Ibm | 8.0.0.0 (including) | 8.0.1.14 (excluding) |
| Devops_deploy | Ibm | 8.1.0.0 (including) | 8.1.2.7 (excluding) |
| Devops_deploy | Ibm | 8.2.0.0 (including) | 8.2.1.0 (excluding) |
| Urbancode_deploy | Ibm | 7.3.0.0 (including) | 7.3.2.19 (excluding) |