CVE-2017-1493

Опубликовано: 09 янв. 2018

Источник: nvd

CVSS3: 5.4

CVSS2: 5.5

EPSS Низкий

Описание

IBM UrbanCode Deploy (UCD) 6.1 and 6.2 could allow an authenticated user to edit objects that they should not have access to due to improper access controls. IBM X-Force ID: 128691.

Ссылки

http://www.ibm.com/support/docview.wss?uid=swg2C1000367
Vendor Advisory
http://www.securityfocus.com/bid/102483
Third Party Advisory
VDB Entry
https://exchange.xforce.ibmcloud.com/vulnerabilities/128691
VDB Entry
Vendor Advisory
http://www.ibm.com/support/docview.wss?uid=swg2C1000367
Vendor Advisory
http://www.securityfocus.com/bid/102483
Third Party Advisory
VDB Entry
https://exchange.xforce.ibmcloud.com/vulnerabilities/128691
VDB Entry
Vendor Advisory

Уязвимые конфигурации

Конфигурация 1

Одно из

cpe:2.3:a:ibm:urbancode_deploy:6.1:*:*:*:*:*:*:*

cpe:2.3:a:ibm:urbancode_deploy:6.1.0.1:*:*:*:*:*:*:*

cpe:2.3:a:ibm:urbancode_deploy:6.1.0.3:*:*:*:*:*:*:*

cpe:2.3:a:ibm:urbancode_deploy:6.1.0.4:*:*:*:*:*:*:*

cpe:2.3:a:ibm:urbancode_deploy:6.1.1.0:*:*:*:*:*:*:*

cpe:2.3:a:ibm:urbancode_deploy:6.1.1.1:*:*:*:*:*:*:*

cpe:2.3:a:ibm:urbancode_deploy:6.1.1.2:*:*:*:*:*:*:*

cpe:2.3:a:ibm:urbancode_deploy:6.1.1.3:*:*:*:*:*:*:*

cpe:2.3:a:ibm:urbancode_deploy:6.1.1.4:*:*:*:*:*:*:*

cpe:2.3:a:ibm:urbancode_deploy:6.1.1.5:*:*:*:*:*:*:*

cpe:2.3:a:ibm:urbancode_deploy:6.1.1.6:*:*:*:*:*:*:*

cpe:2.3:a:ibm:urbancode_deploy:6.1.1.7:*:*:*:*:*:*:*

cpe:2.3:a:ibm:urbancode_deploy:6.1.1.8:*:*:*:*:*:*:*

cpe:2.3:a:ibm:urbancode_deploy:6.1.2:*:*:*:*:*:*:*

cpe:2.3:a:ibm:urbancode_deploy:6.1.3:*:*:*:*:*:*:*

cpe:2.3:a:ibm:urbancode_deploy:6.1.3.1:*:*:*:*:*:*:*

cpe:2.3:a:ibm:urbancode_deploy:6.1.3.2:*:*:*:*:*:*:*

cpe:2.3:a:ibm:urbancode_deploy:6.1.3.3:*:*:*:*:*:*:*

cpe:2.3:a:ibm:urbancode_deploy:6.1.3.4:*:*:*:*:*:*:*

cpe:2.3:a:ibm:urbancode_deploy:6.1.3.5:*:*:*:*:*:*:*

cpe:2.3:a:ibm:urbancode_deploy:6.1.3.6:*:*:*:*:*:*:*

cpe:2.3:a:ibm:urbancode_deploy:6.2.0.0:*:*:*:*:*:*:*

cpe:2.3:a:ibm:urbancode_deploy:6.2.0.1:*:*:*:*:*:*:*

cpe:2.3:a:ibm:urbancode_deploy:6.2.0.2:*:*:*:*:*:*:*

cpe:2.3:a:ibm:urbancode_deploy:6.2.0.201:*:*:*:*:*:*:*

cpe:2.3:a:ibm:urbancode_deploy:6.2.1.0:*:*:*:*:*:*:*

cpe:2.3:a:ibm:urbancode_deploy:6.2.1.1:*:*:*:*:*:*:*

cpe:2.3:a:ibm:urbancode_deploy:6.2.1.2:*:*:*:*:*:*:*

cpe:2.3:a:ibm:urbancode_deploy:6.2.2.0:*:*:*:*:*:*:*

cpe:2.3:a:ibm:urbancode_deploy:6.2.2.1:*:*:*:*:*:*:*

cpe:2.3:a:ibm:urbancode_deploy:6.2.3.0:*:*:*:*:*:*:*

cpe:2.3:a:ibm:urbancode_deploy:6.2.3.1:*:*:*:*:*:*:*

cpe:2.3:a:ibm:urbancode_deploy:6.2.4.0:*:*:*:*:*:*:*

cpe:2.3:a:ibm:urbancode_deploy:6.2.4.1:*:*:*:*:*:*:*

cpe:2.3:a:ibm:urbancode_deploy:6.2.4.2:*:*:*:*:*:*:*

cpe:2.3:a:ibm:urbancode_deploy:6.2.5.0:*:*:*:*:*:*:*

cpe:2.3:a:ibm:urbancode_deploy:6.2.5.1:*:*:*:*:*:*:*

cpe:2.3:a:ibm:urbancode_deploy:6.2.5.2:*:*:*:*:*:*:*

cpe:2.3:a:ibm:urbancode_deploy:6.2.6.0:*:*:*:*:*:*:*

cpe:2.3:a:ibm:urbancode_deploy:6.2.6.1:*:*:*:*:*:*:*

EPSS

Процентиль: 34%

0.00135

Низкий

5.4 Medium

CVSS3

5.5 Medium

CVSS2

Дефекты

CWE-269

Связанные уязвимости

GHSA-255j-56mh-hp3w