Matt Sparrow

**Name of the Vulnerable Software and Affected Versions** IBM UrbanCode Deploy versions 6.2.7.0 through 6.2.7.17 IBM UrbanCode Deploy versions 7.0.0.0 through 7.0.5.12 IBM UrbanCode Deploy versions 7.1.0.0 through 7.1.2.8 IBM UrbanCode Deploy versions 7.2.0.0 through 7.2.3.1 **Description** The issue allows a user with administrative privileges, including "Manage Security" permissions, to potentially recover a credential previously saved for performing authenticated LDAP searches. **Recommendations** For versions 6.2.7.0 through 6.2.7.17, update to a version outside of this range to resolve the issue. For versions 7.0.0.0 through 7.0.5.12, update to a version outside of this range to resolve the issue. For versions 7.1.0.0 through 7.1.2.8, update to a version outside of this range to resolve the issue. For versions 7.2.0.0 through 7.2.3.1, update to a version outside of this range to resolve the issue. As a temporary workaround, consider restricting access to administrative privileges, including "Manage Security" permissions, until a patch is available.