Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
ibmIBM82F284C66491A42FF47C2FAF4FBDE2F9DE6D17FA9862BF7E6615E28372D820AD
HistoryJul 24, 2020 - 9:16 p.m.

Security Bulletin: CVE-2019-4668 Pattern integration passwords stored in db without current encryption

2020-07-2421:16:35
www.ibm.com
7

EPSS

0

Percentile

5.1%

JSON

Summary

The password for pattern integrations is stored in the db without current encryption.

Vulnerability Details

CVEID:CVE-2019-4668
**DESCRIPTION:**IBM UrbanCode Deploy (UCD) stores user credentials in plain in clear text which can be read by a local user.
CVSS Base score: 6.2
CVSS Temporal Score: See: https://exchange.xforce.ibmcloud.com/vulnerabilities/171250 for the current score.
CVSS Vector: (CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N)

Affected Products and Versions

Affected Product(s) Version(s)
UCD - IBM UrbanCode Deploy All

Remediation/Fixes

Upgrade server to 7.0.4.0 or later to remediate.

Workarounds and Mitigations

None

Related

nvd 1
prion 1
cvelist 1
cve 1
nvd
nvd
CVE-2019-4668
2020-04-23 15:15:12
prion
prion
Code injection
2020-04-23 15:15:00
cvelist
cvelist
CVE-2019-4668
2020-04-23 13:10:22
cve
cve
CVE-2019-4668
2020-04-23 15:15:12

EPSS

0

Percentile

5.1%

JSON
Related for 82F284C66491A42FF47C2FAF4FBDE2F9DE6D17FA9862BF7E6615E28372D820AD
nvd1prion1cvelist1cve1