CVE-2024-22349

CVSS 3.1 Score 4 of 10 (medium)

Details

Published Jan 20, 2025

CWE ID 525

Summary

CVE-2024-22349 is a vulnerability affecting IBM DevOps Velocity 5.0.0 and IBM UrbanCode Velocity versions 4.0.0 through 4.0.25. This issue permits web pages to be saved locally on a system. If a user saves a sensitive web page, another user with access to the local storage could potentially read the page's contents, posing a security risk. This vulnerability could lead to information disclosure if an attacker gains unauthorized access to saved web pages. Users are advised to update their IBM DevOps Velocity and IBM UrbanCode Velocity installations as soon as possible to mitigate this risk.

Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

https://app.recordedfuture.com/live/sc/entity/uE7kH0
https://www.cve.org/CVERecord?id=CVE-2024-22349
https://nvd.nist.gov/vuln/detail/CVE-2024-22349

Back to Vulnerability Database

CVE-2024-22349

CVSS 3.1 Score 4 of 10 (medium)

Details

Summary

Advisories, Assessments, and Mitigations