Authentication Bypass in IBM UrbanCode Deploy
CVE-2020-4848
5.4MEDIUM
Summary
The vulnerability in IBM UrbanCode Deploy allows an authenticated user to initiate processes or access plugin resources beyond their permitted scope. This unauthorized access could lead to potential exploitation by malicious actors, thereby compromising the integrity and security of the deployment environment. Users of affected versions should apply the necessary remediation measures to safeguard their systems.
Affected Version(s)
UrbanCode Deploy 6.2.7.9
UrbanCode Deploy 7.0.5.4
UrbanCode Deploy 7.1.1.1
References
CVSS V3.1
Score:
5.4
Severity:
MEDIUM
Confidentiality:
Low
Integrity:
Low
Availability:
Low
Attack Vector:
Network
Attack Complexity:
Low
Privileges Required:
Low
User Interaction:
None
Scope:
Unchanged
Timeline
Vulnerability published
Vulnerability Reserved