2 matches found
Security Bulletin: Pre-processing and post-processing scripts can access the entire domain model of server or agent (CVE-2016-2942)
Summary IBM UrbanCode Deploy could allow an authenticated attacker with special permissions to craft a script on the server in a way that will cause processes to run on a remote UCD agent machine. Vulnerability Details CVEID: CVE-2016-2942 DESCRIPTION: IBM UrbanCode Deploy could allow an...
CVE-2016-2942
CVE-2016-2942 affects IBM UrbanCode Deploy. An authenticated user with special permissions can craft a script on the server that causes processes to run on a remote UCD agent machine. The IBM advisory lists affected versions (6.0–6.2.x) and provides fixes: upgrade to 6.2.3 (for 6.2.x) or 6.1.3.4 ...