2 matches found
Security Bulletin: Authenticated Users Can Gain Privilege in IBM UrbanCode Deploy (CVE-2017-1493)
Summary Previous releases of IBM UrbanCode Deploy allow authenticated users to view and edit information they do not have permission to. Vulnerability Details CVEID: CVE-2017-1493 DESCRIPTION: IBM UrbanCode Deploy UCD could allow an authenticated user to edit objects that they should not have...
CVE-2017-1493
IBM UrbanCode Deploy (UCD) 6.1 (6.1.0–6.1.3.6) and 6.2 (6.2.0–6.2.6.1) are affected by CVE-2017-1493, where an authenticated user could edit objects they should not have access to due to improper access controls. The advisory from IBM reiterates that previous releases allow unauthorized edits. Re...