Описание
IBM UrbanCode Deploy 6.0 through 6.2.2.1 could allow an authenticated user to read sensitive information due to UCD REST endpoints not properly authorizing users when determining who can read data. IBM X-Force ID: 112119.
Ссылки
- PatchVendor Advisory
- VDB EntryVendor Advisory
- PatchVendor Advisory
- VDB EntryVendor Advisory
Уязвимые конфигурации
Конфигурация 1Версия от 6.0 (включая) до 6.2.2.1 (включая)
cpe:2.3:a:ibm:urbancode_deploy:*:*:*:*:*:*:*:*
EPSS
Процентиль: 28%
0.00102
Низкий
3.1 Low
CVSS3
4.3 Medium
CVSS3
4 Medium
CVSS2
Дефекты
CWE-285
Связанные уязвимости
CVSS3: 4.3
github
больше 3 лет назад
IBM UrbanCode Deploy 6.0 through 6.2.2.1 could allow an authenticated user to read sensitive information due to UCD REST endpoints not properly authorizing users when determining who can read data. IBM X-Force ID: 112119.
EPSS
Процентиль: 28%
0.00102
Низкий
3.1 Low
CVSS3
4.3 Medium
CVSS3
4 Medium
CVSS2
Дефекты
CWE-285