Urbancode Deploy@6.1.2 Security Vulnerabilities and Issues — Urbancode Deploy@6.1.2 CVE List

Lucene search

IbmUrbancode Deploy6.1.2

5 matches found

CVE•added 2016/07/01 1:59 a.m.•46 views

CVE-2016-0364

IBM UrbanCode Deploy 6.0.x before 6.0.1.13, 6.1.x before 6.1.3.3, and 6.2.x before 6.2.1.1 does not properly implement a logging-obfuscation feature for secure properties, which allows remote authenticated users to obtain sensitive information via vectors involving special characters.

4.3CVSS4AI score0.00155EPSS

CVE•added 2016/07/08 1:59 a.m.•42 views

CVE-2016-0271

The agents in IBM UrbanCode Deploy 6.x before 6.0.1.14, 6.1.x before 6.1.3.3, and 6.2.x before 6.2.1.1 do not verify a server's identity in a JMS session or an HTTP session, which allows local users to obtain root access to arbitrary agents via unspecified vectors.

8.2CVSS7.6AI score0.00038EPSS

CVE•added 2016/01/01 5:59 a.m.•39 views

CVE-2015-7415

Multiple cross-site scripting (XSS) vulnerabilities in IBM UrbanCode Deploy 6.0 before 6.0.1.12, 6.1 before 6.1.3.2, and 6.2 before 6.2.0.2 allow remote authenticated users to inject arbitrary web script or HTML via a crafted URL.

5.4CVSS5AI score0.00168EPSS

CVE•added 2016/07/01 1:59 a.m.•35 views

CVE-2016-0365

IBM UrbanCode Deploy 6.0.x before 6.0.1.13, 6.1.x before 6.1.3.3, and 6.2.x before 6.2.1.1, when agent-relay Codestation artifact caching is enabled, allows remote attackers to bypass authentication and obtain sensitive artifact information via unspecified vectors.

5.9CVSS5.7AI score0.00188EPSS

CVE•added 2016/06/29 1:59 a.m.•34 views

CVE-2016-0267

IBM UrbanCode Deploy 6.0.x before 6.0.1.13, 6.1.x before 6.1.3.3, and 6.2.x before 6.2.1.1 allows remote authenticated users to obtain sensitive cleartext secure-property information via (1) the server UI or (2) a database request.

7.7CVSS6.9AI score0.00202EPSS