CVE-2020-4484Sensitive Information Exposure in IBM Urbancode Deploy

CWE-200Sensitive Information Exposure3 documents3 sources
Severity
4.3MEDIUMNVD
EPSS
0.1%
top 69.11%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
1
IBM Urbancode Deploy
Timeline
PublishedNov 6
Latest updateMay 24

Description

IBM UrbanCode Deploy (UCD) 6.2.7.3, 6.2.7.4, 7.0.3.0, and 7.0.4.0 could disclose sensitive information to an authenticated user that could be used in further attacks against the system. IBM X-Force ID: 181858.

CVSS vector

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:NExploitability: 2.8 | Impact: 1.4

Affected Packages2 packages

CVEListV5ibm/urbancode_deploy4 versions+3
NVDibm/urbancode_deploy4 versions+3

Patches

Patch: www.ibm.comPatch: www.ibm.com

🔴Vulnerability Details

2
GHSA
GHSA-75w9-4c83-wqm5: IBM UrbanCode Deploy (UCD) 62022-05-24
CVEList
CVE-2020-4484: IBM UrbanCode Deploy (UCD) 62020-11-06
CVE-2020-4484 — Sensitive Information Exposure in IBM | cvebase