exploitDog

GHSA-6f8w-f2r8-4fhv

Опубликовано: 08 фев. 2025

Источник: github

Github: Не прошло ревью

CVSS3: 4.3

Описание

IBM DevOps Deploy 8.0 through 8.0.1.4, 8.1 through 8.1.0.0 and IBM UrbanCode Deploy (UCD) 7.0 through 7.0.5.25, 7.1 through 7.1.2.21, 7.2 through 7.2.3.14 and 7.3 through 7.3.2 could allow an authenticated user to obtain sensitive information about other users on the system due to missing authorization for a function.

IBM DevOps Deploy 8.0 through 8.0.1.4, 8.1 through 8.1.0.0 and IBM UrbanCode Deploy (UCD) 7.0 through 7.0.5.25, 7.1 through 7.1.2.21, 7.2 through 7.2.3.14 and 7.3 through 7.3.2 could allow an authenticated user to obtain sensitive information about other users on the system due to missing authorization for a function.

Ссылки

EPSS

Процентиль: 22%

0.00074

Низкий

4.3 Medium

CVSS3

CVE ID

Дефекты

CWE-306

Связанные уязвимости

CVE-2024-54176

CVSS3: 4.3

nvd

около 1 года назад

IBM DevOps Deploy 8.0 through 8.0.1.4, 8.1 through 8.1.0.0 and IBM UrbanCode Deploy (UCD) 7.0 through 7.0.5.25, 7.1 through 7.1.2.21, 7.2 through 7.2.3.14 and 7.3 through 7.3.2 could allow an authenticated user to obtain sensitive information about other users on the system due to missing authorization for a function.

EPSS

Процентиль: 22%

0.00074

Низкий

4.3 Medium

CVSS3

CVE ID

Дефекты

CWE-306