CVE-2016-6068

HIGH

IBM UrbanCode Deploy - Privilege Escalation

Title source: llm
STIX 2.1

Description

IBM UrbanCode Deploy could allow an authenticated user with access to the REST endpoints to access API and CLI getResource secured role properties.

References (2)

Core 2
Core References
Patch, Vendor Advisory x_refsource_confirm
http://www.ibm.com/support/docview.wss?uid=swg2C1000229
Technical Description, VDB Entry vdb-entry x_refsource_bid
http://www.securityfocus.com/bid/95290

Scores

CVSS v3 7.5
EPSS 0.0026
EPSS Percentile 49.5%
Attack Vector NETWORK
CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

Details

CWE
CWE-200
Status published
Products (50)
ibm/urbancode_deploy 6.0
ibm/urbancode_deploy 6.0.1
ibm/urbancode_deploy 6.0.1.1
ibm/urbancode_deploy 6.0.1.2
ibm/urbancode_deploy 6.0.1.3
ibm/urbancode_deploy 6.0.1.4
ibm/urbancode_deploy 6.0.1.5
ibm/urbancode_deploy 6.0.1.6
ibm/urbancode_deploy 6.0.1.7
ibm/urbancode_deploy 6.0.1.8
... and 40 more
Published Feb 01, 2017
Tracked Since Feb 18, 2026