CVSS: 5.5EPSS: 0%CPEs: 3EXPL: 0CVE-2020-4848
https://notcve.org/view.php?id=CVE-2020-4848
30 Mar 2021 — IBM UrbanCode Deploy (UCD) 6.2.7.9, 7.0.5.4, and 7.1.1.1 could allow an authenticated user to initiate a plugin or compare process resources that they should not have access to. IBM X-Force ID: 190293. IBM UrbanCode Deploy (UCD) versiones 6.2.7.9, 7.0.5.4 y 7.1.1.1, podría permitir a un usuario autenticado iniciar un plugin o comparar recursos del proceso a los que no debería tener acceso. IBM X-Force ID: 190293. • https://exchange.xforce.ibmcloud.com/vulnerabilities/190293 •
CVSS: 5.9EPSS: 0%CPEs: 1EXPL: 0CVE-2019-4667
https://notcve.org/view.php?id=CVE-2019-4667
11 May 2020 — IBM UrbanCode Deploy (UCD) 7.0.5.2 could allow a remote attacker to obtain sensitive information, caused by the failure to properly enable HTTP Strict Transport Security. An attacker could exploit this vulnerability to obtain sensitive information using man in the middle techniques. IBM X-Force ID: 171249. IBM UrbanCode Deploy (UCD) versión 7.0.5.2, podría permitir a un atacante remoto obtener información confidencial, causada por el fallo al habilitar apropiadamente HTTP Strict Transport Security. Un ataca... • https://exchange.xforce.ibmcloud.com/vulnerabilities/171249 • CWE-319: Cleartext Transmission of Sensitive Information •
CVSS: 4.3EPSS: 0%CPEs: 2EXPL: 0CVE-2020-4260
https://notcve.org/view.php?id=CVE-2020-4260
16 Apr 2020 — IBM UrbanCode Deploy (UCD) 7.0.5 could allow a user with special permissions to obtain sensitive information via generic processes. IBM X-Force ID: 175639. IBM UrbanCode Deploy (UCD) versión 7.0.5, podría permitir a un usuario con permisos especiales obtener información confidencial por medio de procesos genéricos. IBM X-Force ID: 175639. • https://exchange.xforce.ibmcloud.com/vulnerabilities/175639 •