PT-2017-8878 · Ibm · Ibm Urbancode Deploy

Published

2017-02-01

Updated

2017-02-13

CVE-2016-6068

CVSS v3.1

7.5

High

Vector

AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

Name of the Vulnerable Software and Affected Versions IBM UrbanCode Deploy (affected versions not specified)

Description The issue allows an authenticated user with access to the REST endpoints to access API and CLI getResource secured role properties. This could potentially lead to unauthorized access to sensitive information.

Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.

Information Disclosure

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-200

Related Identifiers

CVE-2016-6068

Affected Products

Ibm Urbancode Deploy

PT-2017-8878 · Ibm · Ibm Urbancode Deploy

CVE-2016-6068

Weakness Enumeration

Related Identifiers

Affected Products

References · 4