IBM UrbanCode Deploy could allow an authenticated user to obtain sensitive information that could be used in further attacks against the system.
CVEID: CVE-2019-4168 DESCRIPTION: IBM UrbanCode Deploy could allow an authenticated user to obtain sensitive information that could be used in further attacks against the system.
CVSS Base Score: 4.3
CVSS Temporal Score: See <https://exchange.xforce.ibmcloud.com/vulnerabilities/158701> for the current score
CVSS Environmental Score*: Undefined
CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N)
All fixpacks of IBM UrbanCode Deploy 7.0 - 7.0.2.2 and IBM UrbanCode Deploy 6.2 - 6.2.7.4 are affected.
Upgrade to IBM UrbanCode Deploy 7.0.2.3 or later. If it is not possible to upgrade to 7.0.2.3 upgrade to IBM UrbanCode Deploy 6.2.7.5.
None