CVE-2017-1493Improper Privilege Management in IBM Urbancode Deploy

CWE-269Improper Privilege Management3 documents3 sources
Severity
5.4MEDIUMNVD
EPSS
0.1%
top 66.74%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
1
IBM Urbancode Deploy
Timeline
PublishedJan 9
Latest updateMay 13

Description

IBM UrbanCode Deploy (UCD) 6.1 and 6.2 could allow an authenticated user to edit objects that they should not have access to due to improper access controls. IBM X-Force ID: 128691.

CVSS vector

CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:NExploitability: 2.8 | Impact: 2.5

Affected Packages2 packages

CVEListV5ibm/urbancode_deploy37 versions+36
NVDibm/urbancode_deploy40 versions+39

🔴Vulnerability Details

2
GHSA
GHSA-255j-56mh-hp3w: IBM UrbanCode Deploy (UCD) 62022-05-13
CVEList
CVE-2017-1493: IBM UrbanCode Deploy (UCD) 62018-01-09
CVE-2017-1493 — Improper Privilege Management in IBM | cvebase