Unauthorized Access to Sensitive Information in IBM UrbanCode Deploy

Unauthorized Access to Sensitive Information in IBM UrbanCode Deploy

CVE-2016-0373 · MEDIUM Severity

AV:N/AC:L/AU:S/C:P/I:N/A:N

IBM UrbanCode Deploy 6.0 through 6.2.2.1 could allow an authenticated user to read sensitive information due to UCD REST endpoints not properly authorizing users when determining who can read data. IBM X-Force ID: 112119.

Learn more about our User Device Pen Test.