CVE-2024-22347

CVSS 3.1 Score 5.9 of 10 (medium)

Details

Published Jan 20, 2025

CWE ID 327

Summary

CVE-2024-22347 is a vulnerability affecting IBM DevOps Velocity 5.0.0 and IBM UrbanCode Velocity 4.0.0 through 4.0.25. The issue lies in the use of weaker than expected cryptographic algorithms, making it possible for attackers to decrypt highly sensitive information. This could potentially lead to data breaches and unauthorized access. IBM strongly recommends users to upgrade to the latest version of these products or apply patches to address this vulnerability. Failure to do so may put sensitive data at risk.

Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

https://app.recordedfuture.com/live/sc/entity/uE8j8y
https://www.cve.org/CVERecord?id=CVE-2024-22347
https://nvd.nist.gov/vuln/detail/CVE-2024-22347

Back to Vulnerability Database

CVE-2024-22347

CVSS 3.1 Score 5.9 of 10 (medium)

Details

Summary

Advisories, Assessments, and Mitigations