CVE-2025-1998 - NVD | ByteOS Network

NVD Vulnerability Details :

CVE-2025-1998

Analyzed

More Info Official Page

Source-psirt@us.ibm.com

Published At-27 Mar, 2025 | 15:15

Updated At-14 Aug, 2025 | 19:13

IBM UrbanCode Deploy (UCD) through 7.1.2.21, 7.2 through 7.2.3.14, and 7.3 through 7.3.2.0 / IBM DevOps Deploy 8.0 through 8.0.1.4 and 8.1 through 8.1 stores potentially sensitive authentication token information in log files that could be read by a local user.

Metrics

Type	Version	Base score	Base severity	Vector
Primary	3.1	5.5	MEDIUM	CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N

CPE Matches

IBM Corporation

>>devops_deploy>>Versions from 8.0.0.0(inclusive) to 8.0.1.5(exclusive)

cpe:2.3:a:ibm:devops_deploy:*:*:*:*:*:*:*:*

IBM Corporation

>>devops_deploy>>8.1.0.0

cpe:2.3:a:ibm:devops_deploy:8.1.0.0:*:*:*:*:*:*:*

IBM Corporation

>>urbancode_deploy>>Versions from 7.1.0.0(inclusive) to 7.1.2.22(exclusive)

cpe:2.3:a:ibm:urbancode_deploy:*:*:*:*:*:*:*:*

IBM Corporation

>>urbancode_deploy>>Versions from 7.2.0.0(inclusive) to 7.2.3.15(exclusive)

cpe:2.3:a:ibm:urbancode_deploy:*:*:*:*:*:*:*:*

IBM Corporation

>>urbancode_deploy>>Versions from 7.3.0.0(inclusive) to 7.3.2.10(exclusive)

cpe:2.3:a:ibm:urbancode_deploy:*:*:*:*:*:*:*:*

Weaknesses

CWE ID	Type	Source
CWE-532	Primary	psirt@us.ibm.com

References

Hyperlink	Source	Resource
https://www.ibm.com/support/pages/node/7229034	psirt@us.ibm.com	Vendor Advisory