Unauthorized Access to Sensitive Configuration Information in IBM UrbanCode Deploy

Unauthorized Access to Sensitive Configuration Information in IBM UrbanCode Deploy

CVE-2017-1286 · MEDIUM Severity

AV:N/AC:L/AU:S/C:P/I:N/A:N

Sensitive information about the configuration of the IBM UrbanCode Deploy 6.1 through 6.9.6.0 server and database can be obtained by a user who has been given elevated permissions in the UI, even after those elevated permissions have been revoked. IBM X-Force ID: 125147.

Learn more about our Cis Benchmark Audit For Ibm I.