CVE-2016-0373

EUVD-2016-0408
IBM UrbanCode Deploy 6.0 through 6.2.2.1 could allow an authenticated user to read sensitive information due to UCD REST endpoints not properly authorizing users when determining who can read data. IBM X-Force ID: 112119.
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTPrimary
3.1 LOW
NETWORK
HIGH
LOW
CVSS:3.0/AV:N/AC:H/PR:L/UI:N/S:U/C:L/I:N/A:N
ibmCNA
3.1 LOW
NETWORK
HIGH
LOW
CVSS:3.0/A:N/AC:H/AV:N/C:L/I:N/PR:L/S:U/UI:N/E:U/RC:C/RL:O
Base Score
CVSS 3.x
EPSS Score
Percentile: 28%
Affected Products (NVD)
VendorProductVersion
ibmurbancode_deploy
6.0 ≤
𝑥
≤ 6.2.2.1
𝑥
= Vulnerable software versions
Common Weakness Enumeration
References
http://www-01.ibm.com/support/docview.wss?uid=swg2C1000219
https://exchange.xforce.ibmcloud.com/vulnerabilities/112119
http://www-01.ibm.com/support/docview.wss?uid=swg2C1000219
https://exchange.xforce.ibmcloud.com/vulnerabilities/112119