CVE-2016-0373
3.1
CVSS:3.0/A:N/AC:H/AV:N/C:L/I:N/PR:L/S:U/UI:N/E:U/RC:C/RL:O
Summary
IBM UrbanCode Deploy 6.0 through 6.2.2.1 could allow an authenticated user to read sensitive information due to UCD REST endpoints not properly authorizing users when determining who can read data. IBM X-Force ID: 112119.
Affected Software
| Vendor | Product | Version Range | Status |
|---|---|---|---|
| IBM | UrbanCode Deploy | 6.1.0.2 | affected |
| IBM | UrbanCode Deploy | 6.0 | affected |
| IBM | UrbanCode Deploy | 6.0.1 | affected |
| IBM | UrbanCode Deploy | 6.0.1.1 | affected |
| IBM | UrbanCode Deploy | 6.0.1.2 | affected |
| IBM | UrbanCode Deploy | 6.0.1.3 | affected |
| IBM | UrbanCode Deploy | 6.0.1.4 | affected |
| IBM | UrbanCode Deploy | 6.0.1.5 | affected |
| IBM | UrbanCode Deploy | 6.0.1.6 | affected |
| IBM | UrbanCode Deploy | 6.1 | affected |
| IBM | UrbanCode Deploy | 6.1.0.1 | affected |
| IBM | UrbanCode Deploy | 6.1.0.3 | affected |
| IBM | UrbanCode Deploy | 6.0.1.7 | affected |
| IBM | UrbanCode Deploy | 6.0.1.8 | affected |
| IBM | UrbanCode Deploy | 6.1.0.4 | affected |
| IBM | UrbanCode Deploy | 6.1.1 | affected |
| IBM | UrbanCode Deploy | 6.1.1.1 | affected |
| IBM | UrbanCode Deploy | 6.1.1.2 | affected |
| IBM | UrbanCode Deploy | 6.1.1.3 | affected |
| IBM | UrbanCode Deploy | 6.1.1.4 | affected |
| IBM | UrbanCode Deploy | 6.1.1.5 | affected |
| IBM | UrbanCode Deploy | 6.0.1.9 | affected |
| IBM | UrbanCode Deploy | 6.1.1.6 | affected |
| IBM | UrbanCode Deploy | 6.1.1.7 | affected |
| IBM | UrbanCode Deploy | 6.1.2 | affected |
| IBM | UrbanCode Deploy | 6.0.1.10 | affected |
| IBM | UrbanCode Deploy | 6.0.1.11 | affected |
| IBM | UrbanCode Deploy | 6.1.1.8 | affected |
| IBM | UrbanCode Deploy | 6.1.3 | affected |
| IBM | UrbanCode Deploy | 6.1.3.1 | affected |
| IBM | UrbanCode Deploy | 6.2 | affected |
| IBM | UrbanCode Deploy | 6.2.0.1 | affected |
| IBM | UrbanCode Deploy | 6.0.1.12 | affected |
| IBM | UrbanCode Deploy | 6.1.3.2 | affected |
| IBM | UrbanCode Deploy | 6.2.0.2 | affected |
| IBM | UrbanCode Deploy | 6.2.1 | affected |
| IBM | UrbanCode Deploy | 6.0.1.13 | affected |
| IBM | UrbanCode Deploy | 6.2.1.1 | affected |
| IBM | UrbanCode Deploy | 6.0.1.14 | affected |
| IBM | UrbanCode Deploy | 6.1.3.3 | affected |
| IBM | UrbanCode Deploy | 6.2.2 | affected |
| IBM | UrbanCode Deploy | 6.2.2.1 | affected |
Weaknesses
- Obtain Information
ADP Enrichment
CVE Program Container
Additional References
- http://www-01.ibm.com/support/docview.wss?uid=swg2C1000219
- https://exchange.xforce.ibmcloud.com/vulnerabilities/112119
References
- http://www-01.ibm.com/support/docview.wss?uid=swg2C1000219
- https://exchange.xforce.ibmcloud.com/vulnerabilities/112119
Feedback
Was this page helpful?
Glad to hear it! Please tell us how we can improve.
Sorry to hear that. Please tell us how we can improve.