2 matches found
Security Bulletin: Urbancode Deploy is vulnerable to incorrect authorization reading Component Processes ( CVE-2022-35716 )
Summary Component process security checks can sometimes grant read-level access to users that do not have access if the process is owned by a Component Template and an endpoint performs multiple validations. Vulnerability Details CVEID:CVE-2022-35716 DESCRIPTION: IBM UrbanCode Deploy UCD could...
CVE-2022-35716
CVE-2022-35716 affects IBM UrbanCode Deploy (UCD) across multiple lines: 6.2.0.0–6.2.7.16, 7.0.0.0–7.0.5.11, 7.1.0.0–7.1.2.7, and 7.2.0.0–7.2.3.0. The issue stems from improper security checks that can allow an authenticated user to obtain sensitive information in some instances (information disc...