Aug 4, 2020 8:01 pm EDT
Categorized: High Severity
Share this post:
HTTP properties are vulnerable to an XXE attack. This could allow files from the server host to be extracted.
Affected product(s) and affected version(s):
| Affected Product(s) | Version(s) |
| UCD – IBM UrbanCode Deploy | 6.2.7.4 |
| UCD – IBM UrbanCode Deploy | 6.2.7.3 |
| UCD – IBM UrbanCode Deploy | 7.0.4.0 |
| UCD – IBM UrbanCode Deploy | 7.0.3.0 |
| UCD – IBM UrbanCode Deploy | All |
Refer to the following reference URLs for remediation and additional vulnerability details:
Source Bulletin: https://www.ibm.com/support/pages/node/6256128
from IBM Product Security Incident Response Team https://ift.tt/33nYwrP
No comments:
Post a Comment
Note: Only a member of this blog may post a comment.