Security Bulletin: CVE-2020-4483 Secure property value can be seen in diagnostics bundle and ds_request_audit_entry

Summary Secure property value can be seen in diagnostics bundle and dsrequestauditentry Vulnerability Details CVEID: CVE-2020-4483 DESCRIPTION: IBM UrbanCode Deploy UCD could allow a remote attacker to obtain sensitive information when a detailed technical error message is returned in the browser...

Security Bulletin: Secure properties can be shown in plain text in IBM UrbanCode Deploy (CVE-2016-9007)

Summary IBM UrbanCode Deploy could disclose secure property values leaked in process execution log output properties that could be accessable to unauthorized users. Vulnerability Details CVEID: CVE-2016-9007 DESCRIPTION: IBM UrbanCode Deploy could disclose secure property values leaked in process...

CVE-2016-0267

IBM UrbanCode Deploy 6.0.x before 6.0.1.13, 6.1.x before 6.1.3.3, and 6.2.x before 6.2.1.1 allows remote authenticated users to obtain sensitive cleartext secure-property information via 1 the server UI or 2 a database request...

HTTP Cookie 'secure' Property Transport Mismatch

The remote web server sends out cookies to clients with a 'secure' property that does not match the transport, HTTP or HTTPS, over which they were received. This may occur in two forms : 1. The cookie is sent over HTTP, but has the 'secure' property set, indicating that it should only be sent ove...