Known Vulnerabilities
CVE-2016-0373
IBM UrbanCode Deploy 6.0 through 6.2.2.1 could allow an authenticated user to read sensitive information due to UCD REST endpoints not properly authorizing users when determining who can read data. IBM X-Force ID: 112119.
LOW
CVSS 3.1
Published Aug 30, 2018
CVE-2017-1749
IBM UrbanCode Deploy 6.1 through 6.9.6.0 could allow a remote attacker to traverse directories on the system. An unauthenticated attacker could alter UCD deployments. IBM X-Force ID: 135522.
MEDIUM
CVSS 5.3
Published Aug 13, 2018
CVE-2017-1752
IBM UrbanCode Deploy 6.1 and 6.2 could allow an authenticated privileged user to obtain highly sensitive information. IBM X-Force ID: 135547.
UNKNOWN
Published May 25, 2018
CVE-2017-1493
IBM UrbanCode Deploy (UCD) 6.1 and 6.2 could allow an authenticated user to edit objects that they should not have access to due to improper access controls. IBM X-Force ID: 128691.
UNKNOWN
Published Jan 09, 2018