3 matches found
CVE-2020-4482
IBM UrbanCode Deploy UCD 6.2.7.3, 6.2.7.4, 7.0.3.0, and 7.0.4.0 could allow an authenticated user to bypass security. A user with access to a snapshot could apply unauthorized additional statuses via direct rest calls. IBM X-Force ID: 181856...
CVE-2020-4482
IBM UrbanCode Deploy (UCD) versions affected by CVE-2020-4482 include 6.2.7.3, 6.2.7.4, 7.0.3.0, and 7.0.4.0. A security bypass vulnerability exists where an authenticated user with access to a snapshot can call REST endpoints to apply unauthorized additional statuses, effectively bypassing secur...
Security Bulletin: CVE-2020-4482 ADD SNAPSHOT STATUS REST CALL DOESN'T CHECK THE USER ROLE
Summary ADD SNAPSHOT STATUS REST CALL DOESN'T CHECK THE USER ROLE BEFORE ADDING THE STATUS TO SNAPSHOT Vulnerability Details CVEID: CVE-2020-4482 DESCRIPTION: IBM UrbanCode Deploy UCD could allow an authenticated user to bypass security. A user with access to a snapshot could apply unauthorized...