Описание
IBM UrbanCode Deploy (UCD) 6.2.7.0 through 6.2.7.17, 7.0.0.0 through 7.0.5.12, 7.1.0.0 through 7.1.2.8, and 7.2.0.0 through 7.2.3.1 could allow a user with administrative privileges including "Manage Security" permissions may be able to recover a credential previously saved for performing authenticated LDAP searches. IBM X-Force ID:
Ссылки
- VDB EntryVendor Advisory
- PatchVendor Advisory
- VDB EntryVendor Advisory
- PatchVendor Advisory
Уязвимые конфигурации
Конфигурация 1Версия от 6.2.7.0 (включая) до 6.2.7.18 (исключая)Версия от 7.0.0.0 (включая) до 7.0.5.13 (исключая)Версия от 7.1.0.0 (включая) до 7.1.2.9 (исключая)Версия от 7.2.0.0 (включая) до 7.2.3.2 (исключая)
Одно из
cpe:2.3:a:ibm:urbancode_deploy:*:*:*:*:*:*:*:*
cpe:2.3:a:ibm:urbancode_deploy:*:*:*:*:*:*:*:*
cpe:2.3:a:ibm:urbancode_deploy:*:*:*:*:*:*:*:*
cpe:2.3:a:ibm:urbancode_deploy:*:*:*:*:*:*:*:*
EPSS
Процентиль: 33%
0.00128
Низкий
4.9 Medium
CVSS3
Дефекты
CWE-522
CWE-522
Связанные уязвимости
CVSS3: 4.9
github
около 3 лет назад
IBM UrbanCode Deploy (UCD) 6.2.7.0 through 6.2.7.17, 7.0.0.0 through 7.0.5.12, 7.1.0.0 through 7.1.2.8, and 7.2.0.0 through 7.2.3.1 could allow a user with administrative privileges including "Manage Security" permissions may be able to recover a credential previously saved for performing authenticated LDAP searches. IBM X-Force ID: 236601.
EPSS
Процентиль: 33%
0.00128
Низкий
4.9 Medium
CVSS3
Дефекты
CWE-522
CWE-522