2318 matches found
IBM UrbanCode Deploy Denial of Service Vulnerability
IBM UrbanCode Deploy UCD is a set of application automation deployment tools from International Business Machines IBM. The tool is based on an application deployment automation management information model, and through remote agent technology, to realize the complex application in different...
CVE-2023-42012
An IBM UrbanCode Deploy Agent 7.2 through 7.2.3.7, and 7.3 through 7.3.2.2 installed as a Windows service in a non-standard location could be subject to a denial of service attack by local accounts. IBM X-Force ID: 265509...
CVE-2023-42013
IBM UrbanCode Deploy UCD 7.1 through 7.1.2.14, 7.2 through 7.2.3.7, and 7.3 through 7.3.2.2 could allow a remote attacker to obtain sensitive information when a detailed technical error message is returned in the browser. This information could be used in further attacks against the system. IBM...
CVE-2023-42013
IBM UrbanCode Deploy UCD 7.1 through 7.1.2.14, 7.2 through 7.2.3.7, and 7.3 through 7.3.2.2 could allow a remote attacker to obtain sensitive information when a detailed technical error message is returned in the browser. This information could be used in further attacks against the system. IBM...
CVE-2023-42012
An IBM UrbanCode Deploy Agent 7.2 through 7.2.3.7, and 7.3 through 7.3.2.2 installed as a Windows service in a non-standard location could be subject to a denial of service attack by local accounts. IBM X-Force ID: 265509...
CVE-2023-47161
IBM UrbanCode Deploy UCD 7.1 through 7.1.2.14, 7.2 through 7.2.3.7, and 7.3 through 7.3.2.2 may mishandle input validation of an uploaded archive file leading to a denial of service due to resource exhaustion. IBM X-Force ID: 270799...
Information disclosure
IBM UrbanCode Deploy UCD 7.1 through 7.1.2.14, 7.2 through 7.2.3.7, and 7.3 through 7.3.2.2 could allow a remote attacker to obtain sensitive information when a detailed technical error message is returned in the browser. This information could be used in further attacks against the system. IBM...
Code injection
An IBM UrbanCode Deploy Agent 7.2 through 7.2.3.7, and 7.3 through 7.3.2.2 installed as a Windows service in a non-standard location could be subject to a denial of service attack by local accounts. IBM X-Force ID: 265509...
Input validation
IBM UrbanCode Deploy UCD 7.1 through 7.1.2.14, 7.2 through 7.2.3.7, and 7.3 through 7.3.2.2 may mishandle input validation of an uploaded archive file leading to a denial of service due to resource exhaustion. IBM X-Force ID: 270799...
CVE-2023-47161 IBM UrbanCode Deploy denial of service
IBM UrbanCode Deploy UCD 7.1 through 7.1.2.14, 7.2 through 7.2.3.7, and 7.3 through 7.3.2.2 may mishandle input validation of an uploaded archive file leading to a denial of service due to resource exhaustion. IBM X-Force ID: 270799...
CVE-2023-47161 IBM UrbanCode Deploy denial of service
IBM UrbanCode Deploy UCD 7.1 through 7.1.2.14, 7.2 through 7.2.3.7, and 7.3 through 7.3.2.2 may mishandle input validation of an uploaded archive file leading to a denial of service due to resource exhaustion. IBM X-Force ID: 270799...
CVE-2023-47161
IBM UrbanCode Deploy (UCD) is affected by CVE-2023-47161 due to mishandling input validation of an uploaded archive file, causing a denial of service from resource exhaustion. Affected versions are 7.0–7.0.5.18, 7.1–7.1.2.14, 7.2–7.2.3.7, and 7.3–7.3.2.2. Remediation guidance recommends upgrading...
CVE-2023-42012 IBM UrbanCode Deploy denial of service
An IBM UrbanCode Deploy Agent 7.2 through 7.2.3.7, and 7.3 through 7.3.2.2 installed as a Windows service in a non-standard location could be subject to a denial of service attack by local accounts. IBM X-Force ID: 265509...
CVE-2023-42012
CVE-2023-42012 affects IBM UrbanCode Deploy Agent Windows services running in non-standard locations (versions 7.2–7.2.3.7 and 7.3–7.3.2.2). Local accounts can trigger a denial of service due to the service placement, with high impact on availability (CVSS v3.1 base AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:...
CVE-2023-42013 IBM UrbanCode Deploy information disclosure
IBM UrbanCode Deploy UCD 7.1 through 7.1.2.14, 7.2 through 7.2.3.7, and 7.3 through 7.3.2.2 could allow a remote attacker to obtain sensitive information when a detailed technical error message is returned in the browser. This information could be used in further attacks against the system. IBM...
CVE-2023-42015
IBM UrbanCode Deploy UCD 7.1 through 7.1.2.14, 7.2 through 7.2.3.7, and 7.3 through 7.3.2.2 is vulnerable to HTML injection. This vulnerability may allow a user to embed arbitrary HTML tags in the Web UI potentially leading to sensitive information disclosure. IBM X-Force ID: 265512...
CVE-2023-42015
IBM UrbanCode Deploy UCD 7.1 through 7.1.2.14, 7.2 through 7.2.3.7, and 7.3 through 7.3.2.2 is vulnerable to HTML injection. This vulnerability may allow a user to embed arbitrary HTML tags in the Web UI potentially leading to sensitive information disclosure. IBM X-Force ID: 265512...
Design/Logic Flaw
IBM UrbanCode Deploy UCD 7.1 through 7.1.2.14, 7.2 through 7.2.3.7, and 7.3 through 7.3.2.2 is vulnerable to HTML injection. This vulnerability may allow a user to embed arbitrary HTML tags in the Web UI potentially leading to sensitive information disclosure. IBM X-Force ID: 265512...
CVE-2023-42015 IBM UrbanCode Deploy HTML injection
IBM UrbanCode Deploy UCD 7.1 through 7.1.2.14, 7.2 through 7.2.3.7, and 7.3 through 7.3.2.2 is vulnerable to HTML injection. This vulnerability may allow a user to embed arbitrary HTML tags in the Web UI potentially leading to sensitive information disclosure. IBM X-Force ID: 265512...
CVE-2023-42015
IBM UrbanCode Deploy (UCD) versions affected: 7.1 up to 7.1.2.14, 7.2 up to 7.2.3.7, and 7.3 up to 7.3.2.2 are vulnerable to HTML injection in the Web UI, potentially enabling disclosure of sensitive information. Root cause is an HTML injection vulnerability in the UI. CVSS base score is 4.3 (LOW...