Published: 01/02/2017 Updated: 13/02/2017

CVSS v2 Base Score: 4 | Impact Score: 2.9 | Exploitability Score: 8

CVSS v3 Base Score: 4.3 | Impact Score: 1.4 | Exploitability Score: 2.8

VMScore: 356

Vector: AV:N/AC:L/Au:S/C:N/I:P/A:N

IBM UrbanCode Deploy could allow an authenticated user to modify Ucd objects due to multiple REST endpoints not properly authorizing users editing UCD objects. This could affect the behavior of legitimately triggered processes.

Vulnerable Product	Search on Vulmon	Subscribe to Product
ibm urbancode deploy 6.0.1.3
ibm urbancode deploy 6.0.1.4
ibm urbancode deploy 6.0.1.5
ibm urbancode deploy 6.0.1.6
ibm urbancode deploy 6.1.1.5
ibm urbancode deploy 6.1.1.6
ibm urbancode deploy 6.1.1.7
ibm urbancode deploy 6.1.1.8
ibm urbancode deploy 6.0.1.13
ibm urbancode deploy 6.0.1.2
ibm urbancode deploy 6.0.1.7
ibm urbancode deploy 6.0.1.9
ibm urbancode deploy 6.1.1.1
ibm urbancode deploy 6.1.1.3
ibm urbancode deploy 6.1.3
ibm urbancode deploy 6.1.3.2
ibm urbancode deploy 6.2.1
ibm urbancode deploy 6.2.2
ibm urbancode deploy 6.0
ibm urbancode deploy 6.0.1
ibm urbancode deploy 6.0.1.1
ibm urbancode deploy 6.0.1.10
ibm urbancode deploy 6.0.1.11
ibm urbancode deploy 6.1.0.1
ibm urbancode deploy 6.1.0.2
ibm urbancode deploy 6.1.0.3
ibm urbancode deploy 6.1.0.4
ibm urbancode deploy 6.1.3.3
ibm urbancode deploy 6.2.0.0
ibm urbancode deploy 6.2.0.1
ibm urbancode deploy 6.2.0.2
ibm urbancode deploy 6.0.1.12
ibm urbancode deploy 6.0.1.14
ibm urbancode deploy 6.0.1.8
ibm urbancode deploy 6.1
ibm urbancode deploy 6.1.1
ibm urbancode deploy 6.1.1.2
ibm urbancode deploy 6.1.1.4
ibm urbancode deploy 6.1.2
ibm urbancode deploy 6.1.3.1
ibm urbancode deploy 6.2.1.1
ibm urbancode deploy 6.2.2.1

CWE-284 http://www.ibm.com/support/docview.wss?uid=swg2C1000222 http://www.securityfocus.com/bid/95974 https://nvd.nist.gov

CVE-2016-0320

Vulnerability Summary

Vulnerability Trend

References

Vulmon Search

About

Products

Connect