Описание
IBM UrbanCode Deploy (UCD) 6.2.7.3, 6.2.7.4, 7.0.3.0, and 7.0.4.0 could allow an authenticated user to bypass security. A user with access to a snapshot could apply unauthorized additional statuses via direct rest calls. IBM X-Force ID: 181856.
Ссылки
- VDB EntryVendor Advisory
- PatchVendor Advisory
- VDB EntryVendor Advisory
- PatchVendor Advisory
Уязвимые конфигурации
Конфигурация 1
Одно из
cpe:2.3:a:ibm:urbancode_deploy:6.2.7.3:*:*:*:*:*:*:*
cpe:2.3:a:ibm:urbancode_deploy:6.2.7.4:*:*:*:*:*:*:*
cpe:2.3:a:ibm:urbancode_deploy:7.0.3.0:*:*:*:*:*:*:*
cpe:2.3:a:ibm:urbancode_deploy:7.0.4.0:*:*:*:*:*:*:*
EPSS
Процентиль: 34%
0.00133
Низкий
5.3 Medium
CVSS3
6.5 Medium
CVSS3
4 Medium
CVSS2
Дефекты
NVD-CWE-noinfo
Связанные уязвимости
CVSS3: 6.5
github
больше 3 лет назад
IBM UrbanCode Deploy (UCD) 6.2.7.3, 6.2.7.4, 7.0.3.0, and 7.0.4.0 could allow an authenticated user to bypass security. A user with access to a snapshot could apply unauthorized additional statuses via direct rest calls. IBM X-Force ID: 181856.
EPSS
Процентиль: 34%
0.00133
Низкий
5.3 Medium
CVSS3
6.5 Medium
CVSS3
4 Medium
CVSS2
Дефекты
NVD-CWE-noinfo