CVE-2023-40376

CVSS 3.1 Score 6.5 of 10 (medium)

Details

Published Oct 4, 2023
Updated: Oct 5, 2023
CWE ID 287
CWE ID 862

Summary

CVE-2023-40376 is a vulnerability affecting IBM UrbanCode Deploy versions 7.1 - 7.1.2.12, 7.2 through 7.2.3.5, and 7.3 through 7.3.2.0. An authenticated user can manipulate environment variables due to insufficient authentication controls, potentially leading to security misconfigurations or unintended application behavior. IBM's X-Force has assigned this issue ID: 263581.

Ligh bulbPrevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

Share

Affected Products

  • IBM UrbanCode Deploy

Affected Vendors

  • IBM Corporation