Publish GHSA-6f8w-f2r8-4fhv

github · Feb 8, 2025 · 356c127 · 356c127
1 parent 5df679e
commit 356c127
Showing 1 changed file with 36 additions and 0 deletions.
diff --git a/advisories/unreviewed/2025/02/GHSA-6f8w-f2r8-4fhv/GHSA-6f8w-f2r8-4fhv.json b/advisories/unreviewed/2025/02/GHSA-6f8w-f2r8-4fhv/GHSA-6f8w-f2r8-4fhv.json
@@ -0,0 +1,36 @@
+{
+  "schema_version": "1.4.0",
+  "id": "GHSA-6f8w-f2r8-4fhv",
+  "modified": "2025-02-08T18:34:42Z",
+  "published": "2025-02-08T18:34:42Z",
+  "aliases": [
+    "CVE-2024-54176"
+  ],
+  "details": "IBM DevOps Deploy 8.0 through 8.0.1.4, 8.1 through 8.1.0.0 and IBM UrbanCode Deploy (UCD) 7.0 through 7.0.5.25, 7.1 through 7.1.2.21, 7.2 through 7.2.3.14 and 7.3 through 7.3.2 could allow an authenticated user to obtain sensitive information about other users on the system due to missing authorization for a function.",
+  "severity": [
+    {
+      "type": "CVSS_V3",
+      "score": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N"
+    }
+  ],
+  "affected": [],
+  "references": [
+    {
+      "type": "ADVISORY",
+      "url": "https://nvd.nist.gov/vuln/detail/CVE-2024-54176"
+    },
+    {
+      "type": "WEB",
+      "url": "https://www.ibm.com/support/pages/node/7182840"
+    }
+  ],
+  "database_specific": {
+    "cwe_ids": [
+      "CWE-306"
+    ],
+    "severity": "MODERATE",
+    "github_reviewed": false,
+    "github_reviewed_at": null,
+    "nvd_published_at": "2025-02-08T17:15:21Z"
+  }
+}