Show filters
59 Total Results
Displaying 51-59 of 59
Sort by:
Attacker Value
Unknown

CVE-2016-2942

Disclosure Date: February 01, 2017 (last updated November 25, 2024)
IBM UrbanCode Deploy could allow an authenticated attacker with special permissions to craft a script on the server in a way that will cause processes to run on a remote UCD agent machine.
0
0
Attacker Value
Unknown

CVE-2016-2994

Disclosure Date: December 01, 2016 (last updated November 25, 2024)
Cross-site scripting (XSS) vulnerability in IBM UrbanCode Deploy 6.2.x before 6.2.1.2 allows remote authenticated users to inject arbitrary web script or HTML via unspecified vectors.
0
0
Attacker Value
Unknown

CVE-2016-0271

Disclosure Date: July 08, 2016 (last updated November 25, 2024)
The agents in IBM UrbanCode Deploy 6.x before 6.0.1.14, 6.1.x before 6.1.3.3, and 6.2.x before 6.2.1.1 do not verify a server's identity in a JMS session or an HTTP session, which allows local users to obtain root access to arbitrary agents via unspecified vectors.
0
0
Attacker Value
Unknown

CVE-2016-0364

Disclosure Date: July 01, 2016 (last updated November 25, 2024)
IBM UrbanCode Deploy 6.0.x before 6.0.1.13, 6.1.x before 6.1.3.3, and 6.2.x before 6.2.1.1 does not properly implement a logging-obfuscation feature for secure properties, which allows remote authenticated users to obtain sensitive information via vectors involving special characters.
0
0
Attacker Value
Unknown

CVE-2016-0365

Disclosure Date: July 01, 2016 (last updated November 25, 2024)
IBM UrbanCode Deploy 6.0.x before 6.0.1.13, 6.1.x before 6.1.3.3, and 6.2.x before 6.2.1.1, when agent-relay Codestation artifact caching is enabled, allows remote attackers to bypass authentication and obtain sensitive artifact information via unspecified vectors.
0
0
Attacker Value
Unknown

CVE-2016-0267

Disclosure Date: June 29, 2016 (last updated November 25, 2024)
IBM UrbanCode Deploy 6.0.x before 6.0.1.13, 6.1.x before 6.1.3.3, and 6.2.x before 6.2.1.1 allows remote authenticated users to obtain sensitive cleartext secure-property information via (1) the server UI or (2) a database request.
0
0
Attacker Value
Unknown

CVE-2015-7415

Disclosure Date: January 01, 2016 (last updated November 25, 2024)
Multiple cross-site scripting (XSS) vulnerabilities in IBM UrbanCode Deploy 6.0 before 6.0.1.12, 6.1 before 6.1.3.2, and 6.2 before 6.2.0.2 allow remote authenticated users to inject arbitrary web script or HTML via a crafted URL.
0
0
Attacker Value
Unknown

CVE-2015-4964

Disclosure Date: October 06, 2015 (last updated October 05, 2023)
IBM UrbanCode Deploy 6.0 and 6.0.1.x before 6.0.1.10, 6.1.1.x before 6.1.1.8, and 6.1.2 writes admin AUTH_TOKEN values to execution logs, which allows remote authenticated users to gain privileges by leveraging the ability to create and execute a process.
0
0
Attacker Value
Unknown

CVE-2014-6074

Disclosure Date: September 10, 2014 (last updated October 05, 2023)
IBM UrbanCode Deploy 6.1.0.2 before IF1 allows remote authenticated users to read keystore secret keys via a direct request to a UI page.
0
0
View More Topics  < Previous