CyberSec.Space Logo
返回 CVE 浏览器

CVE-2020-4202

HIGH
8.8
CVSS Severity Score
EPSS Score0.1000%
EPSS Percentile32.37th
Published2020年4月23日
Last Modified2024年11月21日

Vulnerability Description

IBM UrbanCode Deploy (UCD) 7.0.3.0 and 7.0.4.0 could allow an authenticated user to impersonate another user if the server is configured to enable Distributed Front End (DFE). IBM X-Force ID: 174955.

Affected Platforms (CPE)

📦
Ibm

Urbancode Deploy

>= 7.0.3.0 and < 7.0.3.4
📦
Ibm

Urbancode Deploy

>= 7.0.4.0 and < 7.0.4.3

References & Advisories

🔗 https://exchange.xforce.ibmcloud.com/vulnerabilities/174955
🔗 https://www.ibm.com/support/pages/node/6195701
🔗 https://exchange.xforce.ibmcloud.com/vulnerabilities/174955
🔗 https://www.ibm.com/support/pages/node/6195701

相关漏洞威胁

CVE-2016-893810.0

IBM UrbanCode Deploy could allow a user to execute code using a specially crafted file upload that would replace code on the serve...

CVE-2020-44818.2

IBM UrbanCode Deploy (UCD) 6.2.7.3, 6.2.7.4, 7.0.3.0, and 7.0.4.0 is vulnerable to an XML External Entity Injection (XXE) attack w...

CVE-2016-02718.2

The agents in IBM UrbanCode Deploy 6.x before 6.0.1.14, 6.1.x before 6.1.3.3, and 6.2.x before 6.2.1.1 do not verify a server's id...

CVE-2017-11498.1

IBM UrbanCode Deploy (UCD) 6.0, 6.1, and 6.2 is vulnerable to a denial of service, caused by an XML External Entity Injection (XXE...