1. Home
  2. CVE Database
  3. CVE-2024-51472
LOW · 3.1

CVE-2024-51472

IBM UrbanCode Deploy (UCD) 7.2 through 7.2.3.13, 7.3 through 7.3.2.8, and IBM DevOps Deploy 8.0 through 8.0.1.3 are vulnerable to HTML injection. This vulnerability may allow a user to embed arbitrary...

Vulnerability Description

IBM UrbanCode Deploy (UCD) 7.2 through 7.2.3.13, 7.3 through 7.3.2.8, and IBM DevOps Deploy 8.0 through 8.0.1.3 are vulnerable to HTML injection. This vulnerability may allow a user to embed arbitrary HTML tags in the Web UI potentially leading to sensitive information disclosure.

CVSS Score

3.1

LOW

CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:L/I:N/A:N
Attack Vector
NETWORK
Attack Complexity
HIGH
Privileges Required
LOW
User Interaction
NONE
Scope
UNCHANGED
Confidentiality
LOW
Integrity
NONE
Availability
NONE

Affected Products

VendorProductVersions
IbmDevops Deploy>= 8.0.0.0, <= 8.0.1.3
IbmUrbancode Deploy>= 7.2, <= 7.2.3.13

Related Weaknesses (CWE)

CWE-79CWE-80

References

FAQ

What is CVE-2024-51472?

CVE-2024-51472 is a vulnerability with a CVSS score of 3.1 (LOW). IBM UrbanCode Deploy (UCD) 7.2 through 7.2.3.13, 7.3 through 7.3.2.8, and IBM DevOps Deploy 8.0 through 8.0.1.3 are vulnerable to HTML injection. This vulnerability may allow a user to embed arbitrary...

How severe is CVE-2024-51472?

CVE-2024-51472 has been rated LOW with a CVSS base score of 3.1/10. Review the CVSS metrics above for detailed severity breakdown.

Is there a patch for CVE-2024-51472?

Check the references section above for vendor advisories and patch information. Affected products include: Ibm Devops Deploy, Ibm Urbancode Deploy.