CVE-2016-0320

Опубликовано: 01 фев. 2017

Источник: nvd

CVSS3: 4.3

CVSS2: 4

EPSS Низкий

Описание

IBM UrbanCode Deploy could allow an authenticated user to modify Ucd objects due to multiple REST endpoints not properly authorizing users editing UCD objects. This could affect the behavior of legitimately triggered processes.

Ссылки

http://www.ibm.com/support/docview.wss?uid=swg2C1000222
Patch
Vendor Advisory
http://www.securityfocus.com/bid/95974
Third Party Advisory
VDB Entry
http://www.ibm.com/support/docview.wss?uid=swg2C1000222
Patch
Vendor Advisory
http://www.securityfocus.com/bid/95974
Third Party Advisory
VDB Entry

Уязвимые конфигурации

Конфигурация 1

Одно из

cpe:2.3:a:ibm:urbancode_deploy:6.0:*:*:*:*:*:*:*

cpe:2.3:a:ibm:urbancode_deploy:6.0.1:*:*:*:*:*:*:*

cpe:2.3:a:ibm:urbancode_deploy:6.0.1.1:*:*:*:*:*:*:*

cpe:2.3:a:ibm:urbancode_deploy:6.0.1.2:*:*:*:*:*:*:*

cpe:2.3:a:ibm:urbancode_deploy:6.0.1.3:*:*:*:*:*:*:*

cpe:2.3:a:ibm:urbancode_deploy:6.0.1.4:*:*:*:*:*:*:*

cpe:2.3:a:ibm:urbancode_deploy:6.0.1.5:*:*:*:*:*:*:*

cpe:2.3:a:ibm:urbancode_deploy:6.0.1.6:*:*:*:*:*:*:*

cpe:2.3:a:ibm:urbancode_deploy:6.0.1.7:*:*:*:*:*:*:*

cpe:2.3:a:ibm:urbancode_deploy:6.0.1.8:*:*:*:*:*:*:*

cpe:2.3:a:ibm:urbancode_deploy:6.0.1.9:*:*:*:*:*:*:*

cpe:2.3:a:ibm:urbancode_deploy:6.0.1.10:*:*:*:*:*:*:*

cpe:2.3:a:ibm:urbancode_deploy:6.0.1.11:*:*:*:*:*:*:*

cpe:2.3:a:ibm:urbancode_deploy:6.0.1.12:*:*:*:*:*:*:*

cpe:2.3:a:ibm:urbancode_deploy:6.0.1.13:*:*:*:*:*:*:*

cpe:2.3:a:ibm:urbancode_deploy:6.0.1.14:*:*:*:*:*:*:*

cpe:2.3:a:ibm:urbancode_deploy:6.1:*:*:*:*:*:*:*

cpe:2.3:a:ibm:urbancode_deploy:6.1.0.1:*:*:*:*:*:*:*

cpe:2.3:a:ibm:urbancode_deploy:6.1.0.2:*:*:*:*:*:*:*

cpe:2.3:a:ibm:urbancode_deploy:6.1.0.3:*:*:*:*:*:*:*

cpe:2.3:a:ibm:urbancode_deploy:6.1.0.4:*:*:*:*:*:*:*

cpe:2.3:a:ibm:urbancode_deploy:6.1.1:*:*:*:*:*:*:*

cpe:2.3:a:ibm:urbancode_deploy:6.1.1.1:*:*:*:*:*:*:*

cpe:2.3:a:ibm:urbancode_deploy:6.1.1.2:*:*:*:*:*:*:*

cpe:2.3:a:ibm:urbancode_deploy:6.1.1.3:*:*:*:*:*:*:*

cpe:2.3:a:ibm:urbancode_deploy:6.1.1.4:*:*:*:*:*:*:*

cpe:2.3:a:ibm:urbancode_deploy:6.1.1.5:*:*:*:*:*:*:*

cpe:2.3:a:ibm:urbancode_deploy:6.1.1.6:*:*:*:*:*:*:*

cpe:2.3:a:ibm:urbancode_deploy:6.1.1.7:*:*:*:*:*:*:*

cpe:2.3:a:ibm:urbancode_deploy:6.1.1.8:*:*:*:*:*:*:*

cpe:2.3:a:ibm:urbancode_deploy:6.1.2:*:*:*:*:*:*:*

cpe:2.3:a:ibm:urbancode_deploy:6.1.3:*:*:*:*:*:*:*

cpe:2.3:a:ibm:urbancode_deploy:6.1.3.1:*:*:*:*:*:*:*

cpe:2.3:a:ibm:urbancode_deploy:6.1.3.2:*:*:*:*:*:*:*

cpe:2.3:a:ibm:urbancode_deploy:6.1.3.3:*:*:*:*:*:*:*

cpe:2.3:a:ibm:urbancode_deploy:6.2.0.0:*:*:*:*:*:*:*

cpe:2.3:a:ibm:urbancode_deploy:6.2.0.1:*:*:*:*:*:*:*

cpe:2.3:a:ibm:urbancode_deploy:6.2.0.2:*:*:*:*:*:*:*

cpe:2.3:a:ibm:urbancode_deploy:6.2.1:*:*:*:*:*:*:*

cpe:2.3:a:ibm:urbancode_deploy:6.2.1.1:*:*:*:*:*:*:*

cpe:2.3:a:ibm:urbancode_deploy:6.2.2:*:*:*:*:*:*:*

cpe:2.3:a:ibm:urbancode_deploy:6.2.2.1:*:*:*:*:*:*:*

EPSS

Процентиль: 32%

0.00125

Низкий

4.3 Medium

CVSS3

4 Medium

CVSS2

Дефекты

CWE-284

Связанные уязвимости

GHSA-8h67-hvhq-252w