Information Disclosure in IBM UrbanCode Deploy and Build Products
CVE-2019-4666

2.3LOW

Key Information:

Vendor: IBM
Status: Urbancode Deploy; Urbancode Build
Vendor: CVE Published:; 13 February 2020

Summary

IBM UrbanCode Deploy and IBM UrbanCode Build may expose sensitive information due to improper permission configurations, allowing local users to unmask secure values in certain documents. This vulnerability can lead to unintended access to confidential information, compromising the security of applications managed by these tools.

Affected Version(s)

UrbanCode Build 6.1.5

UrbanCode Deploy 7.0.3

References

https://www.ibm.com/support/pages/node/1138576

x_refsource_CONFIRM

https://www.ibm.com/support/pages/node/2325141

x_refsource_CONFIRM

https://exchange.xforce.ibmcloud.com/vulnerabilities/171248

vdb-entryx_refsource_XF

CVSS V3.1

Score:

2.3

Severity:

LOW

Confidentiality:

Low

Integrity:

None

Availability:

Low

Attack Vector:

Local

Attack Complexity:

Low

Privileges Required:

High

User Interaction:

None

Scope:

Unchanged

Timeline

Vulnerability published
Feb 13, 2020
Vulnerability Reserved
Jan 3, 2019

.

🍪 This website uses cookies, like every other website on the internet 😕 By using our website, you consent to the use of cookies.