Skip to main content
Skip table of contents

ISN 2026-09: UMS Information Disclosure

First published 1 April 2026

CVSS:3.1: 8.6 (High)

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:L/A:L

Summary

A security vulnerability has been found in the UMS. This affects the following product versions:

  • IGEL UMS in version 12.10.100 and older

Details

It has been discovered that an HTTPS endpoint in UMS disclosed multiple files without authentication.

Update Instructions

  • Update to UMS 12.11.100 or newer when available.

JavaScript errors detected

Please note, these errors can depend on your browser setup.

If this problem persists, please contact our support.

Contact Support Close