IBM UrbanCode Deploy Information Disclosure Vulnerability (CNVD-2021-24459)

IBM UrbanCode Deploy UCD is a set of application automation deployment tools from IBM in the United States. The tool is based on an application deployment automation management information model, and through remote agent technology, to realize the complex application in different environments, su...

IBM UrbanCode Deploy Information Disclosure Vulnerability (CNVD-2021-24460)

IBM UrbanCode Deploy UCD is a set of application automation deployment tools from IBM in the United States. The tool is based on an application deployment automation management information model, and through remote agent technology, to realize the complex application in different environments, su...

CVE-2020-4884

IBM UrbanCode Deploy UCD 6.2.7.9, 7.0.5.4, and 7.1.1.1 stores user credentials in plain in clear text which can be read by a local user. IBM X-Force ID: 190908...

CVE-2020-4944

IBM UrbanCode Deploy UCD 7.0.3.0, 7.0.4.0, 7.0.5.3, 7.0.5.4, 7.1.0.0, 7.1.1.0, 7.1.1.1, and 7.1.1.2, stores keystore passwords in plain text after a manual edit, which can be read by a local user. IBM X-Force ID: 191944...

CVE-2020-4848

IBM UrbanCode Deploy UCD 6.2.7.9, 7.0.5.4, and 7.1.1.1 could allow an authenticated user to initiate a plugin or compare process resources that they should not have access to. IBM X-Force ID: 190293...

CVE-2020-4944

IBM UrbanCode Deploy UCD 7.0.3.0, 7.0.4.0, 7.0.5.3, 7.0.5.4, 7.1.0.0, 7.1.1.0, 7.1.1.1, and 7.1.1.2, stores keystore passwords in plain text after a manual edit, which can be read by a local user. IBM X-Force ID: 191944...

CVE-2020-4884

IBM UrbanCode Deploy UCD 6.2.7.9, 7.0.5.4, and 7.1.1.1 stores user credentials in plain in clear text which can be read by a local user. IBM X-Force ID: 190908...

CVE-2020-4848

IBM UrbanCode Deploy UCD 6.2.7.9, 7.0.5.4, and 7.1.1.1 could allow an authenticated user to initiate a plugin or compare process resources that they should not have access to. IBM X-Force ID: 190293...

Code injection

IBM UrbanCode Deploy UCD 6.2.7.9, 7.0.5.4, and 7.1.1.1 could allow an authenticated user to initiate a plugin or compare process resources that they should not have access to. IBM X-Force ID: 190293...

Code injection

IBM UrbanCode Deploy UCD 6.2.7.9, 7.0.5.4, and 7.1.1.1 stores user credentials in plain in clear text which can be read by a local user. IBM X-Force ID: 190908...

Code injection

IBM UrbanCode Deploy UCD 7.0.3.0, 7.0.4.0, 7.0.5.3, 7.0.5.4, 7.1.0.0, 7.1.1.0, 7.1.1.1, and 7.1.1.2, stores keystore passwords in plain text after a manual edit, which can be read by a local user. IBM X-Force ID: 191944...

CVE-2020-4944

IBM UrbanCode Deploy UCD 7.0.3.0, 7.0.4.0, 7.0.5.3, 7.0.5.4, 7.1.0.0, 7.1.1.0, 7.1.1.1, and 7.1.1.2, stores keystore passwords in plain text after a manual edit, which can be read by a local user. IBM X-Force ID: 191944...

CVE-2020-4884

IBM UrbanCode Deploy UCD 6.2.7.9, 7.0.5.4, and 7.1.1.1 stores user credentials in plain in clear text which can be read by a local user. IBM X-Force ID: 190908...

CVE-2020-4884

CVE-2020-4884 affects IBM UrbanCode Deploy (UCD) versions 6.2.7.9, 7.0.5.4, and 7.1.1.1. The root cause is storing user credentials in plaintext, which can be read by a local user. Consequence: credential disclosure from plaintext storage. References in IBM advisories align with NVD details. Reme...

CVE-2020-4848

IBM UrbanCode Deploy UCD 6.2.7.9, 7.0.5.4, and 7.1.1.1 could allow an authenticated user to initiate a plugin or compare process resources that they should not have access to. IBM X-Force ID: 190293...

CVE-2020-4848

IBM UrbanCode Deploy (UCD) has a confirmed information-disclosure/privilege-elevation issue (CVE-2020-4848) affecting 6.2.7.9, 7.0.5.4, and 7.1.1.1. An authenticated user could initiate a plugin or compare process resources they should not access due to insufficient execute permissions. The IBM s...

IBM UrbanCode Deploy 安全漏洞

IBM UrbanCode Deploy UCD is a set of application automation deployment tools from IBM in the United States. The tool is based on an application deployment automation management information model, and through remote agent technology, to realize the complex application in different environments, su...

IBM UrbanCode Deploy 安全漏洞

IBM UrbanCode Deploy UCD is a set of application automation deployment tools from IBM in the United States. The tool is based on an application deployment automation management information model, and through remote agent technology, to realize the complex application in different environments, su...

Security Bulletin: CVE-2020-4848 Certain users can run auto-configure/compare on resources without execute permission

Summary Certain users can run auto-configure/compare on resources without execute permission Vulnerability Details CVEID: CVE-2020-4848 DESCRIPTION: IBM UrbanCode Deploy UCD could allow an authenticated user to initiate a plugin or compare process resources that they should not have access to. CV...

Security Bulletin: CVE-2021-24122 When serving resources from a network location using the NTFS file system, Apache Tomcat versions 8.5.0 to 8.5.59 were susceptible to JSP source code disclo

Summary When serving resources from a network location using the NTFS file system, Apache Tomcat versions 10.0.0-M1 to 10.0.0-M9, 9.0.0.M1 to 9.0.39, 8.5.0 to 8.5.59 and 7.0.0 to 7.0.106 were susceptible to JSP source code disclosure in some configurations. The root cause was the unexpected...