Vulnerabilities > IBM > Urbancode Deploy > 7.0.4.0

DATE CVE VULNERABILITY TITLE RISK
2020-11-06 CVE-2020-4482 Unspecified vulnerability in IBM Urbancode Deploy
IBM UrbanCode Deploy (UCD) 6.2.7.3, 6.2.7.4, 7.0.3.0, and 7.0.4.0 could allow an authenticated user to bypass security.
network
low complexity
ibm
4.0
4.0
2020-08-05 CVE-2020-4481 XML Entity Expansion vulnerability in IBM Urbancode Deploy
IBM UrbanCode Deploy (UCD) 6.2.7.3, 6.2.7.4, 7.0.3.0, and 7.0.4.0 is vulnerable to an XML External Entity Injection (XXE) attack when processing XML data.
network
low complexity
ibm CWE-776
6.4
6.4
2020-04-23 CVE-2020-4202 Improper Privilege Management vulnerability in IBM Urbancode Deploy
IBM UrbanCode Deploy (UCD) 7.0.3.0 and 7.0.4.0 could allow an authenticated user to impersonate another user if the server is configured to enable Distributed Front End (DFE).
network
ibm CWE-269
6.0
6.0
2020-04-16 CVE-2020-4260 Information Exposure vulnerability in IBM Urbancode Deploy
IBM UrbanCode Deploy (UCD) 7.0.5 could allow a user with special permissions to obtain sensitive information via generic processes.
network
low complexity
ibm CWE-200
4.0
4.0