CVE-2016-0373

Summary

IBM UrbanCode Deploy 6.0 through 6.2.2.1 could allow an authenticated user to read sensitive information due to UCD REST endpoints not properly authorizing users when determining who can read data. IBM X-Force ID: 112119.

Affected Software

VendorProductVersion RangeStatus
IBMUrbanCode Deploy6.1.0.2affected
IBMUrbanCode Deploy6.0affected
IBMUrbanCode Deploy6.0.1affected
IBMUrbanCode Deploy6.0.1.1affected
IBMUrbanCode Deploy6.0.1.2affected
IBMUrbanCode Deploy6.0.1.3affected
IBMUrbanCode Deploy6.0.1.4affected
IBMUrbanCode Deploy6.0.1.5affected
IBMUrbanCode Deploy6.0.1.6affected
IBMUrbanCode Deploy6.1affected
IBMUrbanCode Deploy6.1.0.1affected
IBMUrbanCode Deploy6.1.0.3affected
IBMUrbanCode Deploy6.0.1.7affected
IBMUrbanCode Deploy6.0.1.8affected
IBMUrbanCode Deploy6.1.0.4affected
IBMUrbanCode Deploy6.1.1affected
IBMUrbanCode Deploy6.1.1.1affected
IBMUrbanCode Deploy6.1.1.2affected
IBMUrbanCode Deploy6.1.1.3affected
IBMUrbanCode Deploy6.1.1.4affected
IBMUrbanCode Deploy6.1.1.5affected
IBMUrbanCode Deploy6.0.1.9affected
IBMUrbanCode Deploy6.1.1.6affected
IBMUrbanCode Deploy6.1.1.7affected
IBMUrbanCode Deploy6.1.2affected
IBMUrbanCode Deploy6.0.1.10affected
IBMUrbanCode Deploy6.0.1.11affected
IBMUrbanCode Deploy6.1.1.8affected
IBMUrbanCode Deploy6.1.3affected
IBMUrbanCode Deploy6.1.3.1affected
IBMUrbanCode Deploy6.2affected
IBMUrbanCode Deploy6.2.0.1affected
IBMUrbanCode Deploy6.0.1.12affected
IBMUrbanCode Deploy6.1.3.2affected
IBMUrbanCode Deploy6.2.0.2affected
IBMUrbanCode Deploy6.2.1affected
IBMUrbanCode Deploy6.0.1.13affected
IBMUrbanCode Deploy6.2.1.1affected
IBMUrbanCode Deploy6.0.1.14affected
IBMUrbanCode Deploy6.1.3.3affected
IBMUrbanCode Deploy6.2.2affected
IBMUrbanCode Deploy6.2.2.1affected

Weaknesses

  • Obtain Information

ADP Enrichment

CVE Program Container

Additional References

References