CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Vulnerability Details CVE-2024-22348

IBM DevOps Velocity 5.0.0 and IBM UrbanCode Velocity 4.0.0 through 4.0. 25 uses Cross-Origin Resource Sharing (CORS) which could allow an attacker to carry out privileged actions and retrieve sensitive information as the domain name is not being limited to only trusted domains.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.001

EPSS Ranking 17.0%

CVSS Severity

CVSS v3 Score 5.3

References

https://www.ibm.com/support/pages/node/7172750

Products affected by CVE-2024-22348

Ibm » Devops Velocity » Version: 5.0.0

cpe:2.3:a:ibm:devops_velocity:5.0.0
Ibm » Urbancode Velocity » Version: Any

cpe:2.3:a:ibm:urbancode_velocity:*

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2024-22348

Products

Pricing

Contact Us