1393 matches found
CVE-2024-55904
IBM DevOps Deploy 8.0 through 8.0.1.4, 8.1 through 8.1.0.0 / IBM UrbanCode Deploy 7.0 through 7.0.5.25, 7.1 through 7.1.2.21, 7.2 through 7.2.3.14, and 7.3 through 7.3.2.9 could allow a remote privileged authenticated attacker to execute arbitrary commands on the system by sending specially craft...
CVE-2024-55904
IBM DevOps Deploy 8.0 through 8.0.1.4, 8.1 through 8.1.0.0 / IBM UrbanCode Deploy 7.0 through 7.0.5.25, 7.1 through 7.1.2.21, 7.2 through 7.2.3.14, and 7.3 through 7.3.2.9 could allow a remote privileged authenticated attacker to execute arbitrary commands on the system by sending specially craft...
CVE-2024-55904 IBM DevOps Deploy / IBM UrbanCode Deploy command injection
IBM DevOps Deploy 8.0 through 8.0.1.4, 8.1 through 8.1.0.0 / IBM UrbanCode Deploy 7.0 through 7.0.5.25, 7.1 through 7.1.2.21, 7.2 through 7.2.3.14, and 7.3 through 7.3.2.9 could allow a remote privileged authenticated attacker to execute arbitrary commands on the system by sending specially craft...
CVE-2024-55904
CVE-2024-55904 affects IBM UrbanCode Deploy (UCD) versions 7.0–7.0.5.25, 7.1–7.1.2.21, 7.2–7.2.3.14, 7.3–7.3.2.9 and IBM DevOps Deploy versions 8.0–8.0.1.4, 8.1–8.1.0.0. The vulnerability is a remote, authenticated command injection (CWE-78) allowing an attacker to execute arbitrary commands on t...
CVE-2024-55904 IBM DevOps Deploy / IBM UrbanCode Deploy command injection
IBM DevOps Deploy 8.0 through 8.0.1.4, 8.1 through 8.1.0.0 / IBM UrbanCode Deploy 7.0 through 7.0.5.25, 7.1 through 7.1.2.21, 7.2 through 7.2.3.14, and 7.3 through 7.3.2.9 could allow a remote privileged authenticated attacker to execute arbitrary commands on the system by sending specially craft...
PT-2025-6721 · Ibm · Ibm Devops Deploy +1
Name of the Vulnerable Software and Affected Versions: IBM DevOps Deploy versions 8.0 through 8.0.1.4 IBM DevOps Deploy versions 8.1 through 8.1.0.0 IBM UrbanCode Deploy versions 7.0 through 7.0.5.25 IBM UrbanCode Deploy versions 7.1 through 7.1.2.21 IBM UrbanCode Deploy versions 7.2 through...
IBM UrbanCode Deploy和IBM DevOps Deploy 操作系统命令注入漏洞
IBM UrbanCode Deploy IBM UCD and IBM DevOps Deploy are both products of International Business Machines IBM, U.S.A. IBM UrbanCode Deploy is a suite of application automation deployment tools. The tool is based on an application deployment automation management information model, and through remot...
CVE-2024-54176
IBM DevOps Deploy 8.0 through 8.0.1.4, 8.1 through 8.1.0.0 and IBM UrbanCode Deploy UCD 7.0 through 7.0.5.25, 7.1 through 7.1.2.21, 7.2 through 7.2.3.14 and 7.3 through 7.3.2 could allow an authenticated user to obtain sensitive information about other users on the system due to missing...
CVE-2024-54176
IBM DevOps Deploy 8.0 through 8.0.1.4, 8.1 through 8.1.0.0 and IBM UrbanCode Deploy UCD 7.0 through 7.0.5.25, 7.1 through 7.1.2.21, 7.2 through 7.2.3.14 and 7.3 through 7.3.2 could allow an authenticated user to obtain sensitive information about other users on the system due to missing...
CVE-2024-54176
IBM DevOps Deploy 8.0 through 8.0.1.4, 8.1 through 8.1.0.0 and IBM UrbanCode Deploy UCD 7.0 through 7.0.5.25, 7.1 through 7.1.2.21, 7.2 through 7.2.3.14 and 7.3 through 7.3.2 could allow an authenticated user to obtain sensitive information about other users on the system due to missing...
CVE-2024-54176
CVE-2024-54176 affects IBM UrbanCode Deploy (UCD) and IBM DevOps Deploy. The vulnerability arises from missing authorization for a function, enabling an authenticated user to obtain sensitive information about other users on the system (CWE-306). Affected are UCD versions 7.0–7.0.5.25, 7.1–7.1.2....
IBM DevOps Deploy 访问控制错误漏洞
IBM UrbanCode Deploy IBM UCD is a suite of application automation deployment tools from International Business Machines IBM. The tool is based on an application deployment automation management information model, and through remote agent technology, to realize the automation of complex applicatio...
PT-2025-6023 · Ibm · Ibm Urbancode Deploy +1
Name of the Vulnerable Software and Affected Versions: IBM DevOps Deploy versions 8.0 through 8.0.1.4 IBM DevOps Deploy versions 8.1 through 8.1.0.0 IBM UrbanCode Deploy versions 7.0 through 7.0.5.25 IBM UrbanCode Deploy versions 7.1 through 7.1.2.21 IBM UrbanCode Deploy versions 7.2 through...
Security Bulletin: Due to the use of VMWare Tanzu Spring Framework, IBM DevOps Build is vulnerable to remote attacker to conduct phising attacks
Summary IBM DevOps Build 7.0.0.2 addresses CVE-2024-22259 by updating spring-web jar.. Vulnerability Details CVEID:CVE-2024-22259 DESCRIPTION: Applications that use UriComponentsBuilder in Spring Framework to parse an externally provided URL e.g. through a query parameter AND perform validation...
Security Bulletin: IBM DevOps Deploy / IBM UrbanCode Deploy (UCD) is susceptible to Insertion of Sensitive Information into Log File vulnerability (CVE-2024-45091)
Summary IBM DevOps Deploy / IBM UrbanCode Deploy UCD stores potentially sensitive information in log files that could be read by a local user with access to HTTP request logs. Vulnerability Details CVEID:CVE-2024-45091 DESCRIPTION: IBM UrbanCode Deploy UCD stores potentially sensitive information...
Security Bulletin: IBM DevOps Deploy / IBM UrbanCode Deploy (UCD) is vulnerable to HTML injection (CVE-2024-51472)
Summary IBM DevOps Deploy / IBM UrbanCode Deploy UCD is vulnerable to HTML injection. This vulnerability may allow a user to embed arbitrary HTML tags in the Web UI potentially leading to sensitive information disclosure. Vulnerability Details CVEID:CVE-2024-51472 DESCRIPTION: IBM DevOps Deploy /...
Security Bulletin: IBM DevOps Deploy / IBM UrbanCode Deploy (UCD) is affected by a Denial of Service Vulnerability in Apache Tomcat (CVE-2024-38286)
Summary Apache Tomcat is used by IBM DevOps Deploy / IBM UrbanCode Deploy UCD as part of its web interface. Apache Tomcat is vulnerable to a denial of service, caused by the improper handling of the TLS handshake process under certain configurations. By sending specially crafted requests, a remot...
Security Bulletin: Multiple security vulnerabilities have been identified in IBM WebSphere Application Server shipped with IBM DevOps Code ClearCase (CVE-2024-45073, CVE-2024-45086, CVE-2024-45072, CVE-2024-45085)
Summary IBM WebSphere Application Server WAS is shipped as a component of IBM DevOps Code ClearCase. Information about security vulnerabilities affecting WAS have been published in security bulletins. Vulnerability Details Refer to the security bulletins listed in the Remediation/Fixes section...
Security Bulletin: Multiple security vulnerabilities have been identified in IBM WebSphere Application Server shipped with IBM DevOps Code ClearCase (CVE-2024-45087, CVE-2023-50315)
Summary IBM WebSphere Application Server WAS is shipped as a component of IBM DevOps Code ClearCase. Information about security vulnerabilities affecting WAS have been published in security bulletins. Vulnerability Details Refer to the security bulletins listed in the Remediation/Fixes section...
Security Bulletin: Multiple security vulnerabilities have been identified in IBM WebSphere Application Server shipped with IBM DevOps Code ClearCase (CVE-2024-35154, CVE-2024-45071, CVE-2024-35153)
Summary IBM WebSphere Application Server WAS is shipped as a component of IBM DevOps Code ClearCase. Information about security vulnerabilities affecting WAS have been published in security bulletins. Vulnerability Details Refer to the security bulletins listed in the Remediation/Fixes section...