Skip to main content

IBM DevOps Deploy CVE-2026-12085

| EUVDEUVD-2026-40391 MEDIUM
Insertion of Sensitive Information Into Sent Data (CWE-201)
2026-06-30 psirt@us.ibm.com GHSA-6qv6-3qwf-mmv5
6.5
CVSS 3.1 · Vendor: us
Share

Severity by source

Vendor (us) PRIMARY
6.5 MEDIUM
AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
vuln.today AI
6.5 MEDIUM

Network-accessible API (AV:N, AC:L), requires authenticated low-privilege user (PR:L), confidentiality-only impact with no integrity or availability effect.

3.1 AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
4.0 AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N

Primary rating from Vendor (us).

CVSS VectorVendor: us

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
Attack Vector
Network
Attack Complexity
Low
Privileges Required
Low
User Interaction
None
Scope
Unchanged
Confidentiality
High
Integrity
None
Availability
None

Lifecycle Timeline

1
Analysis Generated
Jun 30, 2026 - 20:37 vuln.today

DescriptionCVE.org

IBM UCD - IBM UrbanCode Deploy 7.3 through 7.3.2.18 and IBM UCD - IBM DevOps Deploy 8.0 through 8.0.1.13, 8.1 through 8.1.2.6, and 8.2 through 8.2.1.0 IBM DevOps Deploy could disclose sensitive configurations and secrets to authenticated users in API responses that could be used in further attacks against the system.

AnalysisAI

Sensitive configuration and secret disclosure in IBM UrbanCode Deploy (7.3-7.3.2.18) and IBM DevOps Deploy (8.0-8.2.1.0) exposes credentials and configuration data to any authenticated low-privilege user via API responses. The exposed secrets can serve as a direct launchpad for privilege escalation or lateral movement within the CI/CD pipeline and connected deployment targets. …

Unlock full vulnerability intelligence

  • Risk assessment & exploitation conditions
  • Attack chain visualization
  • Remediation with exact patch versions
  • Threat intelligence from 22 sources
  • Personal watchlist & email alerts

Free forever · No credit card required

Attack ChainAIDerived

Hypothetical attack flow derived from CVE metadata

Access
Authenticate with low-privilege DevOps Deploy credentials
Delivery
Query pipeline or environment API endpoint
Exploit
Extract secrets from API response
Execution
Use harvested credentials against deployment targets
Impact
Access or persist on downstream systems

Vulnerability AssessmentAI

Exploitation Exploitation requires a valid authenticated session with at minimum low-privilege access to the IBM UrbanCode Deploy or IBM DevOps Deploy instance (PR:L per CVSS). … Additional conditions and limiting factors are described in the full assessment.
Risk Assessment The CVSS 6.5 medium score is technically accurate but potentially understates business risk in environments where DevOps Deploy manages secrets for critical infrastructure deployments. … Full risk analysis with EPSS, KEV, and SSVC signal comparison available after sign-in.
Exploit Scenario An attacker with a valid low-privilege account - such as a developer or read-only auditor provisioned within IBM DevOps Deploy - queries a pipeline or environment configuration API endpoint and receives a response that includes plaintext or minimally obfuscated secrets such as SSH keys, database passwords, or cloud provider tokens. The attacker extracts these credentials and uses them to authenticate directly to deployment targets or cloud environments managed by the pipeline, bypassing normal access controls. …
Remediation Consult the IBM security advisory at https://www.ibm.com/support/pages/node/7277577 for exact patched version numbers; the advisory is the authoritative source since no specific fix version was included in the available intelligence data. … Detailed patch versions, workarounds, and compensating controls in full report.

Threat intelligence, references, and detailed analysis are available after sign-in.

CVE-2024-22358 HIGH
8.8 Apr 12

IBM UrbanCode Deploy (UCD) 7.0 through 7.0.5.20, 7.1 through 7.1.2.16, 7.2 through 7.2.3.9, 7.3 through 7.3.2.4 and IBM

CVE-2026-12084 HIGH
7.5 Jun 30

Sensitive information disclosure and unauthorized privileged actions in IBM DevOps Deploy (formerly UrbanCode Deploy/UCD

CVE-2024-55904 HIGH
7.2 Feb 14

IBM DevOps Deploy 8.0 through 8.0.1.4, 8.1 through 8.1.0.0 / IBM UrbanCode Deploy 7.0 through 7.0.5.25, 7.1 through 7.1.

CVE-2024-56469 MEDIUM
6.3 Mar 27

IBM UrbanCode Deploy (UCD) 7.1 through 7.1.2.22, 7.2 through 7.2.3.15, and 7.3 through 7.3.2.10 / IBM DevOps Deploy 8.0

CVE-2024-22359 MEDIUM
6.1 Apr 12

IBM UrbanCode Deploy (UCD) 7.0 through 7.0.5.20, 7.1 through 7.1.2.16, 7.2 through 7.2.3.9, 7.3 through 7.3.2.4 and IBM

CVE-2026-12086 MEDIUM
5.5 Jun 30

Sensitive information disclosure in IBM UrbanCode Deploy and IBM DevOps Deploy exposes potentially sensitive data to any

CVE-2025-1998 MEDIUM
5.5 Mar 27

IBM UrbanCode Deploy (UCD) through 7.1.2.21, 7.2 through 7.2.3.14, and 7.3 through 7.3.2.0 / IBM DevOps Deploy 8.0 throu

CVE-2024-22331 MEDIUM
5.5 Feb 06

IBM UrbanCode Deploy (UCD) 7.0 through 7.0.5.19, 7.1 through 7.1.2.15, 7.2 through 7.2.3.8, 7.3 through 7.3.2.3, and IBM

CVE-2025-1997 MEDIUM
5.4 Mar 27

IBM UrbanCode Deploy (UCD) 7.0 through 7.0.5.25, 7.1 through 7.1.2.21, 7.2 through 7.2.3.14, and 7.3 through 7.3.2.0 / I

CVE-2024-28781 MEDIUM
5.4 May 14

IBM UrbanCode Deploy (UCD) 7.0 through 7.0.5.20, 7.1 through 7.1.2.16, 7.2 through 7.2.3.9, 7.3 through 7.3.2.4, and 8.0

CVE-2024-22334 MEDIUM
4.4 Apr 12

IBM UrbanCode Deploy (UCD) 7.0 through 7.0.5.20, 7.1 through 7.1.2.16, 7.2 through 7.2.3.9, 7.3 through 7.3.2.4 and IBM

CVE-2024-54176 MEDIUM
4.3 Feb 08

IBM DevOps Deploy 8.0 through 8.0.1.4, 8.1 through 8.1.0.0 and IBM UrbanCode Deploy (UCD) 7.0 through 7.0.5.25, 7.1 thro

Share

CVE-2026-12085 vulnerability details – vuln.today

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy