Security Bulletin: CSV Injection (CVE-2019-4490)

Nov 14, 2019 7:00 pm EST

Categorized: High Severity

Share this post:

Maliciously crafted data in UCD could generate a malicious csv download file, when opened with certain unpactched 3rd party tools.

Affected product(s) and affected version(s):

Affected Product(s)Version(s)
UCD – IBM UrbanCode DeployAll

Refer to the following reference URLs for remediation and additional vulnerability details:  
Source Bulletin: https://www.ibm.com/support/pages/node/1107249



from IBM Product Security Incident Response Team https://ift.tt/2NN7B55