Vulnerabilites related to IBM Corporation - UrbanCode Deploy
CVE-2016-6068 (GCVE-0-2016-6068)
Vulnerability from cvelistv5
Published
2017-02-01 22:00
Modified
2024-08-06 01:22
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- Obtain Information
Summary
IBM UrbanCode Deploy could allow an authenticated user with access to the REST endpoints to access API and CLI getResource secured role properties.
References
| ▼ | URL | Tags |
|---|---|---|
| http://www.ibm.com/support/docview.wss?uid=swg2C1000229 | x_refsource_CONFIRM | |
| http://www.securityfocus.com/bid/95290 | vdb-entry, x_refsource_BID |
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| IBM Corporation | UrbanCode Deploy |
Version: 6.1.0.2 Version: 6.0 Version: 6.0.1 Version: 6.0.1.1 Version: 6.0.1.2 Version: 6.0.1.3 Version: 6.0.1.4 Version: 6.0.1.5 Version: 6.0.1.6 Version: 6.1 Version: 6.1.0.1 Version: 6.1.0.3 Version: 6.0.1.7 Version: 6.0.1.8 Version: 6.1.0.4 Version: 6.1.1 Version: 6.1.1.1 Version: 6.1.1.2 Version: 6.1.1.3 Version: 6.1.1.4 Version: 6.1.1.5 Version: 6.0.1.9 Version: 6.1.1.6 Version: 6.1.1.7 Version: 6.1.2 Version: 6.0.1.10 Version: 6.0.1.11 Version: 6.1.1.8 Version: 6.1.3 Version: 6.1.3.1 Version: 6.2 Version: 6.2.0.1 Version: 6.0.1.12 Version: 6.1.3.2 Version: 6.2.0.2 Version: 6.2.1 Version: 6.0.1.13 Version: 6.2.1.1 Version: 6.0.1.14 Version: 6.1.3.3 Version: 6.2.1.2 Version: 6.2.2 |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T01:22:19.009Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.ibm.com/support/docview.wss?uid=swg2C1000229"
},
{
"name": "95290",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/95290"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "UrbanCode Deploy",
"vendor": "IBM Corporation",
"versions": [
{
"status": "affected",
"version": "6.1.0.2"
},
{
"status": "affected",
"version": "6.0"
},
{
"status": "affected",
"version": "6.0.1"
},
{
"status": "affected",
"version": "6.0.1.1"
},
{
"status": "affected",
"version": "6.0.1.2"
},
{
"status": "affected",
"version": "6.0.1.3"
},
{
"status": "affected",
"version": "6.0.1.4"
},
{
"status": "affected",
"version": "6.0.1.5"
},
{
"status": "affected",
"version": "6.0.1.6"
},
{
"status": "affected",
"version": "6.1"
},
{
"status": "affected",
"version": "6.1.0.1"
},
{
"status": "affected",
"version": "6.1.0.3"
},
{
"status": "affected",
"version": "6.0.1.7"
},
{
"status": "affected",
"version": "6.0.1.8"
},
{
"status": "affected",
"version": "6.1.0.4"
},
{
"status": "affected",
"version": "6.1.1"
},
{
"status": "affected",
"version": "6.1.1.1"
},
{
"status": "affected",
"version": "6.1.1.2"
},
{
"status": "affected",
"version": "6.1.1.3"
},
{
"status": "affected",
"version": "6.1.1.4"
},
{
"status": "affected",
"version": "6.1.1.5"
},
{
"status": "affected",
"version": "6.0.1.9"
},
{
"status": "affected",
"version": "6.1.1.6"
},
{
"status": "affected",
"version": "6.1.1.7"
},
{
"status": "affected",
"version": "6.1.2"
},
{
"status": "affected",
"version": "6.0.1.10"
},
{
"status": "affected",
"version": "6.0.1.11"
},
{
"status": "affected",
"version": "6.1.1.8"
},
{
"status": "affected",
"version": "6.1.3"
},
{
"status": "affected",
"version": "6.1.3.1"
},
{
"status": "affected",
"version": "6.2"
},
{
"status": "affected",
"version": "6.2.0.1"
},
{
"status": "affected",
"version": "6.0.1.12"
},
{
"status": "affected",
"version": "6.1.3.2"
},
{
"status": "affected",
"version": "6.2.0.2"
},
{
"status": "affected",
"version": "6.2.1"
},
{
"status": "affected",
"version": "6.0.1.13"
},
{
"status": "affected",
"version": "6.2.1.1"
},
{
"status": "affected",
"version": "6.0.1.14"
},
{
"status": "affected",
"version": "6.1.3.3"
},
{
"status": "affected",
"version": "6.2.1.2"
},
{
"status": "affected",
"version": "6.2.2"
}
]
}
],
"datePublic": "2016-11-28T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "IBM UrbanCode Deploy could allow an authenticated user with access to the REST endpoints to access API and CLI getResource secured role properties."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Obtain Information",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-02-02T10:57:01",
"orgId": "9a959283-ebb5-44b6-b705-dcc2bbced522",
"shortName": "ibm"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.ibm.com/support/docview.wss?uid=swg2C1000229"
},
{
"name": "95290",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/95290"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@us.ibm.com",
"ID": "CVE-2016-6068",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "UrbanCode Deploy",
"version": {
"version_data": [
{
"version_value": "6.1.0.2"
},
{
"version_value": "6.0"
},
{
"version_value": "6.0.1"
},
{
"version_value": "6.0.1.1"
},
{
"version_value": "6.0.1.2"
},
{
"version_value": "6.0.1.3"
},
{
"version_value": "6.0.1.4"
},
{
"version_value": "6.0.1.5"
},
{
"version_value": "6.0.1.6"
},
{
"version_value": "6.1"
},
{
"version_value": "6.1.0.1"
},
{
"version_value": "6.1.0.3"
},
{
"version_value": "6.0.1.7"
},
{
"version_value": "6.0.1.8"
},
{
"version_value": "6.1.0.4"
},
{
"version_value": "6.1.1"
},
{
"version_value": "6.1.1.1"
},
{
"version_value": "6.1.1.2"
},
{
"version_value": "6.1.1.3"
},
{
"version_value": "6.1.1.4"
},
{
"version_value": "6.1.1.5"
},
{
"version_value": "6.0.1.9"
},
{
"version_value": "6.1.1.6"
},
{
"version_value": "6.1.1.7"
},
{
"version_value": "6.1.2"
},
{
"version_value": "6.0.1.10"
},
{
"version_value": "6.0.1.11"
},
{
"version_value": "6.1.1.8"
},
{
"version_value": "6.1.3"
},
{
"version_value": "6.1.3.1"
},
{
"version_value": "6.2"
},
{
"version_value": "6.2.0.1"
},
{
"version_value": "6.0.1.12"
},
{
"version_value": "6.1.3.2"
},
{
"version_value": "6.2.0.2"
},
{
"version_value": "6.2.1"
},
{
"version_value": "6.0.1.13"
},
{
"version_value": "6.2.1.1"
},
{
"version_value": "6.0.1.14"
},
{
"version_value": "6.1.3.3"
},
{
"version_value": "6.2.1.2"
},
{
"version_value": "6.2.2"
}
]
}
}
]
},
"vendor_name": "IBM Corporation"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "IBM UrbanCode Deploy could allow an authenticated user with access to the REST endpoints to access API and CLI getResource secured role properties."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Obtain Information"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://www.ibm.com/support/docview.wss?uid=swg2C1000229",
"refsource": "CONFIRM",
"url": "http://www.ibm.com/support/docview.wss?uid=swg2C1000229"
},
{
"name": "95290",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/95290"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "9a959283-ebb5-44b6-b705-dcc2bbced522",
"assignerShortName": "ibm",
"cveId": "CVE-2016-6068",
"datePublished": "2017-02-01T22:00:00",
"dateReserved": "2016-06-29T00:00:00",
"dateUpdated": "2024-08-06T01:22:19.009Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2016-8938 (GCVE-0-2016-8938)
Vulnerability from cvelistv5
Published
2017-02-01 22:00
Modified
2024-08-06 02:35
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- Gain Access
Summary
IBM UrbanCode Deploy could allow a user to execute code using a specially crafted file upload that would replace code on the server. This code could be executed on the UCD agent machines that host customer's production applications.
References
| ▼ | URL | Tags |
|---|---|---|
| http://www.securityfocus.com/bid/95289 | vdb-entry, x_refsource_BID | |
| http://www.ibm.com/support/docview.wss?uid=swg2C1000237 | x_refsource_CONFIRM |
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| IBM Corporation | UrbanCode Deploy |
Version: 6.1.0.2 Version: 6.0 Version: 6.0.1 Version: 6.0.1.1 Version: 6.0.1.2 Version: 6.0.1.3 Version: 6.0.1.4 Version: 6.0.1.5 Version: 6.0.1.6 Version: 6.1 Version: 6.1.0.1 Version: 6.1.0.3 Version: 6.0.1.7 Version: 6.0.1.8 Version: 6.1.0.4 Version: 6.1.1 Version: 6.1.1.1 Version: 6.1.1.2 Version: 6.1.1.3 Version: 6.1.1.4 Version: 6.1.1.5 Version: 6.0.1.9 Version: 6.1.1.6 Version: 6.1.1.7 Version: 6.1.2 Version: 6.0.1.10 Version: 6.0.1.11 Version: 6.1.1.8 Version: 6.1.3 Version: 6.1.3.1 Version: 6.2 Version: 6.2.0.1 Version: 6.0.1.12 Version: 6.1.3.2 Version: 6.2.0.2 Version: 6.2.1 Version: 6.0.1.13 Version: 6.2.1.1 Version: 6.0.1.14 Version: 6.1.3.3 Version: 6.2.1.2 Version: 6.2.2 |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T02:35:02.317Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "95289",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/95289"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.ibm.com/support/docview.wss?uid=swg2C1000237"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "UrbanCode Deploy",
"vendor": "IBM Corporation",
"versions": [
{
"status": "affected",
"version": "6.1.0.2"
},
{
"status": "affected",
"version": "6.0"
},
{
"status": "affected",
"version": "6.0.1"
},
{
"status": "affected",
"version": "6.0.1.1"
},
{
"status": "affected",
"version": "6.0.1.2"
},
{
"status": "affected",
"version": "6.0.1.3"
},
{
"status": "affected",
"version": "6.0.1.4"
},
{
"status": "affected",
"version": "6.0.1.5"
},
{
"status": "affected",
"version": "6.0.1.6"
},
{
"status": "affected",
"version": "6.1"
},
{
"status": "affected",
"version": "6.1.0.1"
},
{
"status": "affected",
"version": "6.1.0.3"
},
{
"status": "affected",
"version": "6.0.1.7"
},
{
"status": "affected",
"version": "6.0.1.8"
},
{
"status": "affected",
"version": "6.1.0.4"
},
{
"status": "affected",
"version": "6.1.1"
},
{
"status": "affected",
"version": "6.1.1.1"
},
{
"status": "affected",
"version": "6.1.1.2"
},
{
"status": "affected",
"version": "6.1.1.3"
},
{
"status": "affected",
"version": "6.1.1.4"
},
{
"status": "affected",
"version": "6.1.1.5"
},
{
"status": "affected",
"version": "6.0.1.9"
},
{
"status": "affected",
"version": "6.1.1.6"
},
{
"status": "affected",
"version": "6.1.1.7"
},
{
"status": "affected",
"version": "6.1.2"
},
{
"status": "affected",
"version": "6.0.1.10"
},
{
"status": "affected",
"version": "6.0.1.11"
},
{
"status": "affected",
"version": "6.1.1.8"
},
{
"status": "affected",
"version": "6.1.3"
},
{
"status": "affected",
"version": "6.1.3.1"
},
{
"status": "affected",
"version": "6.2"
},
{
"status": "affected",
"version": "6.2.0.1"
},
{
"status": "affected",
"version": "6.0.1.12"
},
{
"status": "affected",
"version": "6.1.3.2"
},
{
"status": "affected",
"version": "6.2.0.2"
},
{
"status": "affected",
"version": "6.2.1"
},
{
"status": "affected",
"version": "6.0.1.13"
},
{
"status": "affected",
"version": "6.2.1.1"
},
{
"status": "affected",
"version": "6.0.1.14"
},
{
"status": "affected",
"version": "6.1.3.3"
},
{
"status": "affected",
"version": "6.2.1.2"
},
{
"status": "affected",
"version": "6.2.2"
}
]
}
],
"datePublic": "2016-11-28T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "IBM UrbanCode Deploy could allow a user to execute code using a specially crafted file upload that would replace code on the server. This code could be executed on the UCD agent machines that host customer\u0027s production applications."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Gain Access",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-02-02T10:57:01",
"orgId": "9a959283-ebb5-44b6-b705-dcc2bbced522",
"shortName": "ibm"
},
"references": [
{
"name": "95289",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/95289"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.ibm.com/support/docview.wss?uid=swg2C1000237"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@us.ibm.com",
"ID": "CVE-2016-8938",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "UrbanCode Deploy",
"version": {
"version_data": [
{
"version_value": "6.1.0.2"
},
{
"version_value": "6.0"
},
{
"version_value": "6.0.1"
},
{
"version_value": "6.0.1.1"
},
{
"version_value": "6.0.1.2"
},
{
"version_value": "6.0.1.3"
},
{
"version_value": "6.0.1.4"
},
{
"version_value": "6.0.1.5"
},
{
"version_value": "6.0.1.6"
},
{
"version_value": "6.1"
},
{
"version_value": "6.1.0.1"
},
{
"version_value": "6.1.0.3"
},
{
"version_value": "6.0.1.7"
},
{
"version_value": "6.0.1.8"
},
{
"version_value": "6.1.0.4"
},
{
"version_value": "6.1.1"
},
{
"version_value": "6.1.1.1"
},
{
"version_value": "6.1.1.2"
},
{
"version_value": "6.1.1.3"
},
{
"version_value": "6.1.1.4"
},
{
"version_value": "6.1.1.5"
},
{
"version_value": "6.0.1.9"
},
{
"version_value": "6.1.1.6"
},
{
"version_value": "6.1.1.7"
},
{
"version_value": "6.1.2"
},
{
"version_value": "6.0.1.10"
},
{
"version_value": "6.0.1.11"
},
{
"version_value": "6.1.1.8"
},
{
"version_value": "6.1.3"
},
{
"version_value": "6.1.3.1"
},
{
"version_value": "6.2"
},
{
"version_value": "6.2.0.1"
},
{
"version_value": "6.0.1.12"
},
{
"version_value": "6.1.3.2"
},
{
"version_value": "6.2.0.2"
},
{
"version_value": "6.2.1"
},
{
"version_value": "6.0.1.13"
},
{
"version_value": "6.2.1.1"
},
{
"version_value": "6.0.1.14"
},
{
"version_value": "6.1.3.3"
},
{
"version_value": "6.2.1.2"
},
{
"version_value": "6.2.2"
}
]
}
}
]
},
"vendor_name": "IBM Corporation"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "IBM UrbanCode Deploy could allow a user to execute code using a specially crafted file upload that would replace code on the server. This code could be executed on the UCD agent machines that host customer\u0027s production applications."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Gain Access"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "95289",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/95289"
},
{
"name": "http://www.ibm.com/support/docview.wss?uid=swg2C1000237",
"refsource": "CONFIRM",
"url": "http://www.ibm.com/support/docview.wss?uid=swg2C1000237"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "9a959283-ebb5-44b6-b705-dcc2bbced522",
"assignerShortName": "ibm",
"cveId": "CVE-2016-8938",
"datePublished": "2017-02-01T22:00:00",
"dateReserved": "2016-10-25T00:00:00",
"dateUpdated": "2024-08-06T02:35:02.317Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2016-9008 (GCVE-0-2016-9008)
Vulnerability from cvelistv5
Published
2017-02-01 22:00
Modified
2024-08-06 02:35
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- Gain Access
Summary
IBM UrbanCode Deploy could allow a malicious user to access the Agent Relay ActiveMQ Broker JMX interface and run plugins on the agent.
References
| ▼ | URL | Tags |
|---|---|---|
| http://www.securityfocus.com/bid/95283 | vdb-entry, x_refsource_BID | |
| http://www.ibm.com/support/docview.wss?uid=swg2C1000238 | x_refsource_CONFIRM |
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| IBM Corporation | UrbanCode Deploy |
Version: 6.1.0.2 Version: 6.0 Version: 6.0.1 Version: 6.0.1.1 Version: 6.0.1.2 Version: 6.0.1.3 Version: 6.0.1.4 Version: 6.0.1.5 Version: 6.0.1.6 Version: 6.1 Version: 6.1.0.1 Version: 6.1.0.3 Version: 6.0.1.7 Version: 6.0.1.8 Version: 6.1.0.4 Version: 6.1.1 Version: 6.1.1.1 Version: 6.1.1.2 Version: 6.1.1.3 Version: 6.1.1.4 Version: 6.1.1.5 Version: 6.0.1.9 Version: 6.1.1.6 Version: 6.1.1.7 Version: 6.1.2 Version: 6.0.1.10 Version: 6.0.1.11 Version: 6.1.1.8 Version: 6.1.3 Version: 6.1.3.1 Version: 6.2 Version: 6.2.0.1 Version: 6.0.1.12 Version: 6.1.3.2 Version: 6.2.0.2 Version: 6.2.1 Version: 6.0.1.13 Version: 6.2.1.1 Version: 6.0.1.14 Version: 6.1.3.3 Version: 6.2.1.2 Version: 6.2.2 |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T02:35:02.658Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "95283",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/95283"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.ibm.com/support/docview.wss?uid=swg2C1000238"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "UrbanCode Deploy",
"vendor": "IBM Corporation",
"versions": [
{
"status": "affected",
"version": "6.1.0.2"
},
{
"status": "affected",
"version": "6.0"
},
{
"status": "affected",
"version": "6.0.1"
},
{
"status": "affected",
"version": "6.0.1.1"
},
{
"status": "affected",
"version": "6.0.1.2"
},
{
"status": "affected",
"version": "6.0.1.3"
},
{
"status": "affected",
"version": "6.0.1.4"
},
{
"status": "affected",
"version": "6.0.1.5"
},
{
"status": "affected",
"version": "6.0.1.6"
},
{
"status": "affected",
"version": "6.1"
},
{
"status": "affected",
"version": "6.1.0.1"
},
{
"status": "affected",
"version": "6.1.0.3"
},
{
"status": "affected",
"version": "6.0.1.7"
},
{
"status": "affected",
"version": "6.0.1.8"
},
{
"status": "affected",
"version": "6.1.0.4"
},
{
"status": "affected",
"version": "6.1.1"
},
{
"status": "affected",
"version": "6.1.1.1"
},
{
"status": "affected",
"version": "6.1.1.2"
},
{
"status": "affected",
"version": "6.1.1.3"
},
{
"status": "affected",
"version": "6.1.1.4"
},
{
"status": "affected",
"version": "6.1.1.5"
},
{
"status": "affected",
"version": "6.0.1.9"
},
{
"status": "affected",
"version": "6.1.1.6"
},
{
"status": "affected",
"version": "6.1.1.7"
},
{
"status": "affected",
"version": "6.1.2"
},
{
"status": "affected",
"version": "6.0.1.10"
},
{
"status": "affected",
"version": "6.0.1.11"
},
{
"status": "affected",
"version": "6.1.1.8"
},
{
"status": "affected",
"version": "6.1.3"
},
{
"status": "affected",
"version": "6.1.3.1"
},
{
"status": "affected",
"version": "6.2"
},
{
"status": "affected",
"version": "6.2.0.1"
},
{
"status": "affected",
"version": "6.0.1.12"
},
{
"status": "affected",
"version": "6.1.3.2"
},
{
"status": "affected",
"version": "6.2.0.2"
},
{
"status": "affected",
"version": "6.2.1"
},
{
"status": "affected",
"version": "6.0.1.13"
},
{
"status": "affected",
"version": "6.2.1.1"
},
{
"status": "affected",
"version": "6.0.1.14"
},
{
"status": "affected",
"version": "6.1.3.3"
},
{
"status": "affected",
"version": "6.2.1.2"
},
{
"status": "affected",
"version": "6.2.2"
}
]
}
],
"datePublic": "2016-12-08T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "IBM UrbanCode Deploy could allow a malicious user to access the Agent Relay ActiveMQ Broker JMX interface and run plugins on the agent."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Gain Access",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-02-02T10:57:01",
"orgId": "9a959283-ebb5-44b6-b705-dcc2bbced522",
"shortName": "ibm"
},
"references": [
{
"name": "95283",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/95283"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.ibm.com/support/docview.wss?uid=swg2C1000238"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@us.ibm.com",
"ID": "CVE-2016-9008",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "UrbanCode Deploy",
"version": {
"version_data": [
{
"version_value": "6.1.0.2"
},
{
"version_value": "6.0"
},
{
"version_value": "6.0.1"
},
{
"version_value": "6.0.1.1"
},
{
"version_value": "6.0.1.2"
},
{
"version_value": "6.0.1.3"
},
{
"version_value": "6.0.1.4"
},
{
"version_value": "6.0.1.5"
},
{
"version_value": "6.0.1.6"
},
{
"version_value": "6.1"
},
{
"version_value": "6.1.0.1"
},
{
"version_value": "6.1.0.3"
},
{
"version_value": "6.0.1.7"
},
{
"version_value": "6.0.1.8"
},
{
"version_value": "6.1.0.4"
},
{
"version_value": "6.1.1"
},
{
"version_value": "6.1.1.1"
},
{
"version_value": "6.1.1.2"
},
{
"version_value": "6.1.1.3"
},
{
"version_value": "6.1.1.4"
},
{
"version_value": "6.1.1.5"
},
{
"version_value": "6.0.1.9"
},
{
"version_value": "6.1.1.6"
},
{
"version_value": "6.1.1.7"
},
{
"version_value": "6.1.2"
},
{
"version_value": "6.0.1.10"
},
{
"version_value": "6.0.1.11"
},
{
"version_value": "6.1.1.8"
},
{
"version_value": "6.1.3"
},
{
"version_value": "6.1.3.1"
},
{
"version_value": "6.2"
},
{
"version_value": "6.2.0.1"
},
{
"version_value": "6.0.1.12"
},
{
"version_value": "6.1.3.2"
},
{
"version_value": "6.2.0.2"
},
{
"version_value": "6.2.1"
},
{
"version_value": "6.0.1.13"
},
{
"version_value": "6.2.1.1"
},
{
"version_value": "6.0.1.14"
},
{
"version_value": "6.1.3.3"
},
{
"version_value": "6.2.1.2"
},
{
"version_value": "6.2.2"
}
]
}
}
]
},
"vendor_name": "IBM Corporation"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "IBM UrbanCode Deploy could allow a malicious user to access the Agent Relay ActiveMQ Broker JMX interface and run plugins on the agent."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Gain Access"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "95283",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/95283"
},
{
"name": "http://www.ibm.com/support/docview.wss?uid=swg2C1000238",
"refsource": "CONFIRM",
"url": "http://www.ibm.com/support/docview.wss?uid=swg2C1000238"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "9a959283-ebb5-44b6-b705-dcc2bbced522",
"assignerShortName": "ibm",
"cveId": "CVE-2016-9008",
"datePublished": "2017-02-01T22:00:00",
"dateReserved": "2016-10-25T00:00:00",
"dateUpdated": "2024-08-06T02:35:02.658Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2016-0320 (GCVE-0-2016-0320)
Vulnerability from cvelistv5
Published
2017-02-01 22:00
Modified
2024-08-05 22:15
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- Bypass Security
Summary
IBM UrbanCode Deploy could allow an authenticated user to modify Ucd objects due to multiple REST endpoints not properly authorizing users editing UCD objects. This could affect the behavior of legitimately triggered processes.
References
| ▼ | URL | Tags |
|---|---|---|
| http://www.securityfocus.com/bid/95974 | vdb-entry, x_refsource_BID | |
| http://www.ibm.com/support/docview.wss?uid=swg2C1000222 | x_refsource_CONFIRM |
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| IBM Corporation | UrbanCode Deploy |
Version: 6.1.0.2 Version: 6.0 Version: 6.0.1 Version: 6.0.1.1 Version: 6.0.1.2 Version: 6.0.1.3 Version: 6.0.1.4 Version: 6.0.1.5 Version: 6.0.1.6 Version: 6.1 Version: 6.1.0.1 Version: 6.1.0.3 Version: 6.0.1.7 Version: 6.0.1.8 Version: 6.1.0.4 Version: 6.1.1 Version: 6.1.1.1 Version: 6.1.1.2 Version: 6.1.1.3 Version: 6.1.1.4 Version: 6.1.1.5 Version: 6.0.1.9 Version: 6.1.1.6 Version: 6.1.1.7 Version: 6.1.2 Version: 6.0.1.10 Version: 6.0.1.11 Version: 6.1.1.8 Version: 6.1.3 Version: 6.1.3.1 Version: 6.2 Version: 6.2.0.1 Version: 6.0.1.12 Version: 6.1.3.2 Version: 6.2.0.2 Version: 6.2.1 Version: 6.0.1.13 Version: 6.2.1.1 Version: 6.0.1.14 Version: 6.1.3.3 Version: 6.2.1.2 Version: 6.2.2 |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T22:15:23.380Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "95974",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/95974"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.ibm.com/support/docview.wss?uid=swg2C1000222"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "UrbanCode Deploy",
"vendor": "IBM Corporation",
"versions": [
{
"status": "affected",
"version": "6.1.0.2"
},
{
"status": "affected",
"version": "6.0"
},
{
"status": "affected",
"version": "6.0.1"
},
{
"status": "affected",
"version": "6.0.1.1"
},
{
"status": "affected",
"version": "6.0.1.2"
},
{
"status": "affected",
"version": "6.0.1.3"
},
{
"status": "affected",
"version": "6.0.1.4"
},
{
"status": "affected",
"version": "6.0.1.5"
},
{
"status": "affected",
"version": "6.0.1.6"
},
{
"status": "affected",
"version": "6.1"
},
{
"status": "affected",
"version": "6.1.0.1"
},
{
"status": "affected",
"version": "6.1.0.3"
},
{
"status": "affected",
"version": "6.0.1.7"
},
{
"status": "affected",
"version": "6.0.1.8"
},
{
"status": "affected",
"version": "6.1.0.4"
},
{
"status": "affected",
"version": "6.1.1"
},
{
"status": "affected",
"version": "6.1.1.1"
},
{
"status": "affected",
"version": "6.1.1.2"
},
{
"status": "affected",
"version": "6.1.1.3"
},
{
"status": "affected",
"version": "6.1.1.4"
},
{
"status": "affected",
"version": "6.1.1.5"
},
{
"status": "affected",
"version": "6.0.1.9"
},
{
"status": "affected",
"version": "6.1.1.6"
},
{
"status": "affected",
"version": "6.1.1.7"
},
{
"status": "affected",
"version": "6.1.2"
},
{
"status": "affected",
"version": "6.0.1.10"
},
{
"status": "affected",
"version": "6.0.1.11"
},
{
"status": "affected",
"version": "6.1.1.8"
},
{
"status": "affected",
"version": "6.1.3"
},
{
"status": "affected",
"version": "6.1.3.1"
},
{
"status": "affected",
"version": "6.2"
},
{
"status": "affected",
"version": "6.2.0.1"
},
{
"status": "affected",
"version": "6.0.1.12"
},
{
"status": "affected",
"version": "6.1.3.2"
},
{
"status": "affected",
"version": "6.2.0.2"
},
{
"status": "affected",
"version": "6.2.1"
},
{
"status": "affected",
"version": "6.0.1.13"
},
{
"status": "affected",
"version": "6.2.1.1"
},
{
"status": "affected",
"version": "6.0.1.14"
},
{
"status": "affected",
"version": "6.1.3.3"
},
{
"status": "affected",
"version": "6.2.1.2"
},
{
"status": "affected",
"version": "6.2.2"
}
]
}
],
"datePublic": "2016-11-28T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "IBM UrbanCode Deploy could allow an authenticated user to modify Ucd objects due to multiple REST endpoints not properly authorizing users editing UCD objects. This could affect the behavior of legitimately triggered processes."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Bypass Security",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-02-03T10:57:01",
"orgId": "9a959283-ebb5-44b6-b705-dcc2bbced522",
"shortName": "ibm"
},
"references": [
{
"name": "95974",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/95974"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.ibm.com/support/docview.wss?uid=swg2C1000222"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@us.ibm.com",
"ID": "CVE-2016-0320",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "UrbanCode Deploy",
"version": {
"version_data": [
{
"version_value": "6.1.0.2"
},
{
"version_value": "6.0"
},
{
"version_value": "6.0.1"
},
{
"version_value": "6.0.1.1"
},
{
"version_value": "6.0.1.2"
},
{
"version_value": "6.0.1.3"
},
{
"version_value": "6.0.1.4"
},
{
"version_value": "6.0.1.5"
},
{
"version_value": "6.0.1.6"
},
{
"version_value": "6.1"
},
{
"version_value": "6.1.0.1"
},
{
"version_value": "6.1.0.3"
},
{
"version_value": "6.0.1.7"
},
{
"version_value": "6.0.1.8"
},
{
"version_value": "6.1.0.4"
},
{
"version_value": "6.1.1"
},
{
"version_value": "6.1.1.1"
},
{
"version_value": "6.1.1.2"
},
{
"version_value": "6.1.1.3"
},
{
"version_value": "6.1.1.4"
},
{
"version_value": "6.1.1.5"
},
{
"version_value": "6.0.1.9"
},
{
"version_value": "6.1.1.6"
},
{
"version_value": "6.1.1.7"
},
{
"version_value": "6.1.2"
},
{
"version_value": "6.0.1.10"
},
{
"version_value": "6.0.1.11"
},
{
"version_value": "6.1.1.8"
},
{
"version_value": "6.1.3"
},
{
"version_value": "6.1.3.1"
},
{
"version_value": "6.2"
},
{
"version_value": "6.2.0.1"
},
{
"version_value": "6.0.1.12"
},
{
"version_value": "6.1.3.2"
},
{
"version_value": "6.2.0.2"
},
{
"version_value": "6.2.1"
},
{
"version_value": "6.0.1.13"
},
{
"version_value": "6.2.1.1"
},
{
"version_value": "6.0.1.14"
},
{
"version_value": "6.1.3.3"
},
{
"version_value": "6.2.1.2"
},
{
"version_value": "6.2.2"
}
]
}
}
]
},
"vendor_name": "IBM Corporation"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "IBM UrbanCode Deploy could allow an authenticated user to modify Ucd objects due to multiple REST endpoints not properly authorizing users editing UCD objects. This could affect the behavior of legitimately triggered processes."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Bypass Security"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "95974",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/95974"
},
{
"name": "http://www.ibm.com/support/docview.wss?uid=swg2C1000222",
"refsource": "CONFIRM",
"url": "http://www.ibm.com/support/docview.wss?uid=swg2C1000222"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "9a959283-ebb5-44b6-b705-dcc2bbced522",
"assignerShortName": "ibm",
"cveId": "CVE-2016-0320",
"datePublished": "2017-02-01T22:00:00",
"dateReserved": "2015-12-08T00:00:00",
"dateUpdated": "2024-08-05T22:15:23.380Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2016-2942 (GCVE-0-2016-2942)
Vulnerability from cvelistv5
Published
2017-02-01 22:00
Modified
2024-08-05 23:40
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- Gain Privileges
Summary
IBM UrbanCode Deploy could allow an authenticated attacker with special permissions to craft a script on the server in a way that will cause processes to run on a remote UCD agent machine.
References
| ▼ | URL | Tags |
|---|---|---|
| http://www.securityfocus.com/bid/95975 | vdb-entry, x_refsource_BID | |
| http://www.ibm.com/support/docview.wss?uid=swg2C1000218 | x_refsource_CONFIRM |
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| IBM Corporation | UrbanCode Deploy |
Version: 6.1.0.2 Version: 6.0 Version: 6.0.1 Version: 6.0.1.1 Version: 6.0.1.2 Version: 6.0.1.3 Version: 6.0.1.4 Version: 6.0.1.5 Version: 6.0.1.6 Version: 6.1 Version: 6.1.0.1 Version: 6.1.0.3 Version: 6.0.1.7 Version: 6.0.1.8 Version: 6.1.0.4 Version: 6.1.1 Version: 6.1.1.1 Version: 6.1.1.2 Version: 6.1.1.3 Version: 6.1.1.4 Version: 6.1.1.5 Version: 6.0.1.9 Version: 6.1.1.6 Version: 6.1.1.7 Version: 6.1.2 Version: 6.0.1.10 Version: 6.0.1.11 Version: 6.1.1.8 Version: 6.1.3 Version: 6.1.3.1 Version: 6.2 Version: 6.2.0.1 Version: 6.0.1.12 Version: 6.1.3.2 Version: 6.2.0.2 Version: 6.2.1 Version: 6.0.1.13 Version: 6.2.1.1 Version: 6.0.1.14 Version: 6.1.3.3 Version: 6.2.1.2 Version: 6.2.2 |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T23:40:13.765Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "95975",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/95975"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.ibm.com/support/docview.wss?uid=swg2C1000218"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "UrbanCode Deploy",
"vendor": "IBM Corporation",
"versions": [
{
"status": "affected",
"version": "6.1.0.2"
},
{
"status": "affected",
"version": "6.0"
},
{
"status": "affected",
"version": "6.0.1"
},
{
"status": "affected",
"version": "6.0.1.1"
},
{
"status": "affected",
"version": "6.0.1.2"
},
{
"status": "affected",
"version": "6.0.1.3"
},
{
"status": "affected",
"version": "6.0.1.4"
},
{
"status": "affected",
"version": "6.0.1.5"
},
{
"status": "affected",
"version": "6.0.1.6"
},
{
"status": "affected",
"version": "6.1"
},
{
"status": "affected",
"version": "6.1.0.1"
},
{
"status": "affected",
"version": "6.1.0.3"
},
{
"status": "affected",
"version": "6.0.1.7"
},
{
"status": "affected",
"version": "6.0.1.8"
},
{
"status": "affected",
"version": "6.1.0.4"
},
{
"status": "affected",
"version": "6.1.1"
},
{
"status": "affected",
"version": "6.1.1.1"
},
{
"status": "affected",
"version": "6.1.1.2"
},
{
"status": "affected",
"version": "6.1.1.3"
},
{
"status": "affected",
"version": "6.1.1.4"
},
{
"status": "affected",
"version": "6.1.1.5"
},
{
"status": "affected",
"version": "6.0.1.9"
},
{
"status": "affected",
"version": "6.1.1.6"
},
{
"status": "affected",
"version": "6.1.1.7"
},
{
"status": "affected",
"version": "6.1.2"
},
{
"status": "affected",
"version": "6.0.1.10"
},
{
"status": "affected",
"version": "6.0.1.11"
},
{
"status": "affected",
"version": "6.1.1.8"
},
{
"status": "affected",
"version": "6.1.3"
},
{
"status": "affected",
"version": "6.1.3.1"
},
{
"status": "affected",
"version": "6.2"
},
{
"status": "affected",
"version": "6.2.0.1"
},
{
"status": "affected",
"version": "6.0.1.12"
},
{
"status": "affected",
"version": "6.1.3.2"
},
{
"status": "affected",
"version": "6.2.0.2"
},
{
"status": "affected",
"version": "6.2.1"
},
{
"status": "affected",
"version": "6.0.1.13"
},
{
"status": "affected",
"version": "6.2.1.1"
},
{
"status": "affected",
"version": "6.0.1.14"
},
{
"status": "affected",
"version": "6.1.3.3"
},
{
"status": "affected",
"version": "6.2.1.2"
},
{
"status": "affected",
"version": "6.2.2"
}
]
}
],
"datePublic": "2016-11-14T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "IBM UrbanCode Deploy could allow an authenticated attacker with special permissions to craft a script on the server in a way that will cause processes to run on a remote UCD agent machine."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Gain Privileges",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-02-03T10:57:01",
"orgId": "9a959283-ebb5-44b6-b705-dcc2bbced522",
"shortName": "ibm"
},
"references": [
{
"name": "95975",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/95975"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.ibm.com/support/docview.wss?uid=swg2C1000218"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@us.ibm.com",
"ID": "CVE-2016-2942",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "UrbanCode Deploy",
"version": {
"version_data": [
{
"version_value": "6.1.0.2"
},
{
"version_value": "6.0"
},
{
"version_value": "6.0.1"
},
{
"version_value": "6.0.1.1"
},
{
"version_value": "6.0.1.2"
},
{
"version_value": "6.0.1.3"
},
{
"version_value": "6.0.1.4"
},
{
"version_value": "6.0.1.5"
},
{
"version_value": "6.0.1.6"
},
{
"version_value": "6.1"
},
{
"version_value": "6.1.0.1"
},
{
"version_value": "6.1.0.3"
},
{
"version_value": "6.0.1.7"
},
{
"version_value": "6.0.1.8"
},
{
"version_value": "6.1.0.4"
},
{
"version_value": "6.1.1"
},
{
"version_value": "6.1.1.1"
},
{
"version_value": "6.1.1.2"
},
{
"version_value": "6.1.1.3"
},
{
"version_value": "6.1.1.4"
},
{
"version_value": "6.1.1.5"
},
{
"version_value": "6.0.1.9"
},
{
"version_value": "6.1.1.6"
},
{
"version_value": "6.1.1.7"
},
{
"version_value": "6.1.2"
},
{
"version_value": "6.0.1.10"
},
{
"version_value": "6.0.1.11"
},
{
"version_value": "6.1.1.8"
},
{
"version_value": "6.1.3"
},
{
"version_value": "6.1.3.1"
},
{
"version_value": "6.2"
},
{
"version_value": "6.2.0.1"
},
{
"version_value": "6.0.1.12"
},
{
"version_value": "6.1.3.2"
},
{
"version_value": "6.2.0.2"
},
{
"version_value": "6.2.1"
},
{
"version_value": "6.0.1.13"
},
{
"version_value": "6.2.1.1"
},
{
"version_value": "6.0.1.14"
},
{
"version_value": "6.1.3.3"
},
{
"version_value": "6.2.1.2"
},
{
"version_value": "6.2.2"
}
]
}
}
]
},
"vendor_name": "IBM Corporation"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "IBM UrbanCode Deploy could allow an authenticated attacker with special permissions to craft a script on the server in a way that will cause processes to run on a remote UCD agent machine."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Gain Privileges"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "95975",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/95975"
},
{
"name": "http://www.ibm.com/support/docview.wss?uid=swg2C1000218",
"refsource": "CONFIRM",
"url": "http://www.ibm.com/support/docview.wss?uid=swg2C1000218"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "9a959283-ebb5-44b6-b705-dcc2bbced522",
"assignerShortName": "ibm",
"cveId": "CVE-2016-2942",
"datePublished": "2017-02-01T22:00:00",
"dateReserved": "2016-03-09T00:00:00",
"dateUpdated": "2024-08-05T23:40:13.765Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2016-9006 (GCVE-0-2016-9006)
Vulnerability from cvelistv5
Published
2017-03-08 19:00
Modified
2024-08-06 02:35
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- Cross-Site Scripting
Summary
IBM UrbanCode Deploy 6.1 and 6.2 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM Reference #: C1000264.
References
| ▼ | URL | Tags |
|---|---|---|
| http://www.ibm.com/support/docview.wss?uid=swg2C1000264 | x_refsource_CONFIRM | |
| http://www.securityfocus.com/bid/96757 | vdb-entry, x_refsource_BID |
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| IBM Corporation | UrbanCode Deploy |
Version: 6.1.0.2 Version: 6.0 Version: 6.0.1 Version: 6.0.1.1 Version: 6.0.1.2 Version: 6.0.1.3 Version: 6.0.1.4 Version: 6.0.1.5 Version: 6.0.1.6 Version: 6.1 Version: 6.1.0.1 Version: 6.1.0.3 Version: 6.0.1.7 Version: 6.0.1.8 Version: 6.1.0.4 Version: 6.1.1 Version: 6.1.1.1 Version: 6.1.1.2 Version: 6.1.1.3 Version: 6.1.1.4 Version: 6.1.1.5 Version: 6.0.1.9 Version: 6.1.1.6 Version: 6.1.1.7 Version: 6.1.2 Version: 6.0.1.10 Version: 6.0.1.11 Version: 6.1.1.8 Version: 6.1.3 Version: 6.1.3.1 Version: 6.2 Version: 6.2.0.1 Version: 6.0.1.12 Version: 6.1.3.2 Version: 6.2.0.2 Version: 6.2.1 Version: 6.0.1.13 Version: 6.2.1.1 Version: 6.0.1.14 Version: 6.1.3.3 Version: 6.2.1.2 Version: 6.2.2 Version: 6.2.2.1 Version: 6.2.3.0 Version: 6.2.3.1 |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T02:35:02.554Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.ibm.com/support/docview.wss?uid=swg2C1000264"
},
{
"name": "96757",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/96757"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "UrbanCode Deploy",
"vendor": "IBM Corporation",
"versions": [
{
"status": "affected",
"version": "6.1.0.2"
},
{
"status": "affected",
"version": "6.0"
},
{
"status": "affected",
"version": "6.0.1"
},
{
"status": "affected",
"version": "6.0.1.1"
},
{
"status": "affected",
"version": "6.0.1.2"
},
{
"status": "affected",
"version": "6.0.1.3"
},
{
"status": "affected",
"version": "6.0.1.4"
},
{
"status": "affected",
"version": "6.0.1.5"
},
{
"status": "affected",
"version": "6.0.1.6"
},
{
"status": "affected",
"version": "6.1"
},
{
"status": "affected",
"version": "6.1.0.1"
},
{
"status": "affected",
"version": "6.1.0.3"
},
{
"status": "affected",
"version": "6.0.1.7"
},
{
"status": "affected",
"version": "6.0.1.8"
},
{
"status": "affected",
"version": "6.1.0.4"
},
{
"status": "affected",
"version": "6.1.1"
},
{
"status": "affected",
"version": "6.1.1.1"
},
{
"status": "affected",
"version": "6.1.1.2"
},
{
"status": "affected",
"version": "6.1.1.3"
},
{
"status": "affected",
"version": "6.1.1.4"
},
{
"status": "affected",
"version": "6.1.1.5"
},
{
"status": "affected",
"version": "6.0.1.9"
},
{
"status": "affected",
"version": "6.1.1.6"
},
{
"status": "affected",
"version": "6.1.1.7"
},
{
"status": "affected",
"version": "6.1.2"
},
{
"status": "affected",
"version": "6.0.1.10"
},
{
"status": "affected",
"version": "6.0.1.11"
},
{
"status": "affected",
"version": "6.1.1.8"
},
{
"status": "affected",
"version": "6.1.3"
},
{
"status": "affected",
"version": "6.1.3.1"
},
{
"status": "affected",
"version": "6.2"
},
{
"status": "affected",
"version": "6.2.0.1"
},
{
"status": "affected",
"version": "6.0.1.12"
},
{
"status": "affected",
"version": "6.1.3.2"
},
{
"status": "affected",
"version": "6.2.0.2"
},
{
"status": "affected",
"version": "6.2.1"
},
{
"status": "affected",
"version": "6.0.1.13"
},
{
"status": "affected",
"version": "6.2.1.1"
},
{
"status": "affected",
"version": "6.0.1.14"
},
{
"status": "affected",
"version": "6.1.3.3"
},
{
"status": "affected",
"version": "6.2.1.2"
},
{
"status": "affected",
"version": "6.2.2"
},
{
"status": "affected",
"version": "6.2.2.1"
},
{
"status": "affected",
"version": "6.2.3.0"
},
{
"status": "affected",
"version": "6.2.3.1"
}
]
}
],
"datePublic": "2017-02-21T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "IBM UrbanCode Deploy 6.1 and 6.2 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM Reference #: C1000264."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Cross-Site Scripting",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-03-13T09:57:01",
"orgId": "9a959283-ebb5-44b6-b705-dcc2bbced522",
"shortName": "ibm"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.ibm.com/support/docview.wss?uid=swg2C1000264"
},
{
"name": "96757",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/96757"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@us.ibm.com",
"ID": "CVE-2016-9006",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "UrbanCode Deploy",
"version": {
"version_data": [
{
"version_value": "6.1.0.2"
},
{
"version_value": "6.0"
},
{
"version_value": "6.0.1"
},
{
"version_value": "6.0.1.1"
},
{
"version_value": "6.0.1.2"
},
{
"version_value": "6.0.1.3"
},
{
"version_value": "6.0.1.4"
},
{
"version_value": "6.0.1.5"
},
{
"version_value": "6.0.1.6"
},
{
"version_value": "6.1"
},
{
"version_value": "6.1.0.1"
},
{
"version_value": "6.1.0.3"
},
{
"version_value": "6.0.1.7"
},
{
"version_value": "6.0.1.8"
},
{
"version_value": "6.1.0.4"
},
{
"version_value": "6.1.1"
},
{
"version_value": "6.1.1.1"
},
{
"version_value": "6.1.1.2"
},
{
"version_value": "6.1.1.3"
},
{
"version_value": "6.1.1.4"
},
{
"version_value": "6.1.1.5"
},
{
"version_value": "6.0.1.9"
},
{
"version_value": "6.1.1.6"
},
{
"version_value": "6.1.1.7"
},
{
"version_value": "6.1.2"
},
{
"version_value": "6.0.1.10"
},
{
"version_value": "6.0.1.11"
},
{
"version_value": "6.1.1.8"
},
{
"version_value": "6.1.3"
},
{
"version_value": "6.1.3.1"
},
{
"version_value": "6.2"
},
{
"version_value": "6.2.0.1"
},
{
"version_value": "6.0.1.12"
},
{
"version_value": "6.1.3.2"
},
{
"version_value": "6.2.0.2"
},
{
"version_value": "6.2.1"
},
{
"version_value": "6.0.1.13"
},
{
"version_value": "6.2.1.1"
},
{
"version_value": "6.0.1.14"
},
{
"version_value": "6.1.3.3"
},
{
"version_value": "6.2.1.2"
},
{
"version_value": "6.2.2"
},
{
"version_value": "6.2.2.1"
},
{
"version_value": "6.2.3.0"
},
{
"version_value": "6.2.3.1"
}
]
}
}
]
},
"vendor_name": "IBM Corporation"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "IBM UrbanCode Deploy 6.1 and 6.2 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM Reference #: C1000264."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Cross-Site Scripting"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://www.ibm.com/support/docview.wss?uid=swg2C1000264",
"refsource": "CONFIRM",
"url": "http://www.ibm.com/support/docview.wss?uid=swg2C1000264"
},
{
"name": "96757",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/96757"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "9a959283-ebb5-44b6-b705-dcc2bbced522",
"assignerShortName": "ibm",
"cveId": "CVE-2016-9006",
"datePublished": "2017-03-08T19:00:00",
"dateReserved": "2016-10-25T00:00:00",
"dateUpdated": "2024-08-06T02:35:02.554Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2016-2941 (GCVE-0-2016-2941)
Vulnerability from cvelistv5
Published
2017-02-01 22:00
Modified
2024-08-05 23:40
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- Obtain Information
Summary
IBM UrbanCode Deploy creates temporary files during step execution that could contain sensitive information including passwords that could be read by a local user.
References
| ▼ | URL | Tags |
|---|---|---|
| http://www.ibm.com/support/docview.wss?uid=swg2C1000220 | x_refsource_CONFIRM | |
| http://www.securityfocus.com/bid/95978 | vdb-entry, x_refsource_BID |
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| IBM Corporation | UrbanCode Deploy |
Version: 6.1.0.2 Version: 6.0 Version: 6.0.1 Version: 6.0.1.1 Version: 6.0.1.2 Version: 6.0.1.3 Version: 6.0.1.4 Version: 6.0.1.5 Version: 6.0.1.6 Version: 6.1 Version: 6.1.0.1 Version: 6.1.0.3 Version: 6.0.1.7 Version: 6.0.1.8 Version: 6.1.0.4 Version: 6.1.1 Version: 6.1.1.1 Version: 6.1.1.2 Version: 6.1.1.3 Version: 6.1.1.4 Version: 6.1.1.5 Version: 6.0.1.9 Version: 6.1.1.6 Version: 6.1.1.7 Version: 6.1.2 Version: 6.0.1.10 Version: 6.0.1.11 Version: 6.1.1.8 Version: 6.1.3 Version: 6.1.3.1 Version: 6.2 Version: 6.2.0.1 Version: 6.0.1.12 Version: 6.1.3.2 Version: 6.2.0.2 Version: 6.2.1 Version: 6.0.1.13 Version: 6.2.1.1 Version: 6.0.1.14 Version: 6.1.3.3 Version: 6.2.1.2 Version: 6.2.2 |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T23:40:13.786Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.ibm.com/support/docview.wss?uid=swg2C1000220"
},
{
"name": "95978",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/95978"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "UrbanCode Deploy",
"vendor": "IBM Corporation",
"versions": [
{
"status": "affected",
"version": "6.1.0.2"
},
{
"status": "affected",
"version": "6.0"
},
{
"status": "affected",
"version": "6.0.1"
},
{
"status": "affected",
"version": "6.0.1.1"
},
{
"status": "affected",
"version": "6.0.1.2"
},
{
"status": "affected",
"version": "6.0.1.3"
},
{
"status": "affected",
"version": "6.0.1.4"
},
{
"status": "affected",
"version": "6.0.1.5"
},
{
"status": "affected",
"version": "6.0.1.6"
},
{
"status": "affected",
"version": "6.1"
},
{
"status": "affected",
"version": "6.1.0.1"
},
{
"status": "affected",
"version": "6.1.0.3"
},
{
"status": "affected",
"version": "6.0.1.7"
},
{
"status": "affected",
"version": "6.0.1.8"
},
{
"status": "affected",
"version": "6.1.0.4"
},
{
"status": "affected",
"version": "6.1.1"
},
{
"status": "affected",
"version": "6.1.1.1"
},
{
"status": "affected",
"version": "6.1.1.2"
},
{
"status": "affected",
"version": "6.1.1.3"
},
{
"status": "affected",
"version": "6.1.1.4"
},
{
"status": "affected",
"version": "6.1.1.5"
},
{
"status": "affected",
"version": "6.0.1.9"
},
{
"status": "affected",
"version": "6.1.1.6"
},
{
"status": "affected",
"version": "6.1.1.7"
},
{
"status": "affected",
"version": "6.1.2"
},
{
"status": "affected",
"version": "6.0.1.10"
},
{
"status": "affected",
"version": "6.0.1.11"
},
{
"status": "affected",
"version": "6.1.1.8"
},
{
"status": "affected",
"version": "6.1.3"
},
{
"status": "affected",
"version": "6.1.3.1"
},
{
"status": "affected",
"version": "6.2"
},
{
"status": "affected",
"version": "6.2.0.1"
},
{
"status": "affected",
"version": "6.0.1.12"
},
{
"status": "affected",
"version": "6.1.3.2"
},
{
"status": "affected",
"version": "6.2.0.2"
},
{
"status": "affected",
"version": "6.2.1"
},
{
"status": "affected",
"version": "6.0.1.13"
},
{
"status": "affected",
"version": "6.2.1.1"
},
{
"status": "affected",
"version": "6.0.1.14"
},
{
"status": "affected",
"version": "6.1.3.3"
},
{
"status": "affected",
"version": "6.2.1.2"
},
{
"status": "affected",
"version": "6.2.2"
}
]
}
],
"datePublic": "2016-11-14T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "IBM UrbanCode Deploy creates temporary files during step execution that could contain sensitive information including passwords that could be read by a local user."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Obtain Information",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-02-03T10:57:01",
"orgId": "9a959283-ebb5-44b6-b705-dcc2bbced522",
"shortName": "ibm"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.ibm.com/support/docview.wss?uid=swg2C1000220"
},
{
"name": "95978",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/95978"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@us.ibm.com",
"ID": "CVE-2016-2941",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "UrbanCode Deploy",
"version": {
"version_data": [
{
"version_value": "6.1.0.2"
},
{
"version_value": "6.0"
},
{
"version_value": "6.0.1"
},
{
"version_value": "6.0.1.1"
},
{
"version_value": "6.0.1.2"
},
{
"version_value": "6.0.1.3"
},
{
"version_value": "6.0.1.4"
},
{
"version_value": "6.0.1.5"
},
{
"version_value": "6.0.1.6"
},
{
"version_value": "6.1"
},
{
"version_value": "6.1.0.1"
},
{
"version_value": "6.1.0.3"
},
{
"version_value": "6.0.1.7"
},
{
"version_value": "6.0.1.8"
},
{
"version_value": "6.1.0.4"
},
{
"version_value": "6.1.1"
},
{
"version_value": "6.1.1.1"
},
{
"version_value": "6.1.1.2"
},
{
"version_value": "6.1.1.3"
},
{
"version_value": "6.1.1.4"
},
{
"version_value": "6.1.1.5"
},
{
"version_value": "6.0.1.9"
},
{
"version_value": "6.1.1.6"
},
{
"version_value": "6.1.1.7"
},
{
"version_value": "6.1.2"
},
{
"version_value": "6.0.1.10"
},
{
"version_value": "6.0.1.11"
},
{
"version_value": "6.1.1.8"
},
{
"version_value": "6.1.3"
},
{
"version_value": "6.1.3.1"
},
{
"version_value": "6.2"
},
{
"version_value": "6.2.0.1"
},
{
"version_value": "6.0.1.12"
},
{
"version_value": "6.1.3.2"
},
{
"version_value": "6.2.0.2"
},
{
"version_value": "6.2.1"
},
{
"version_value": "6.0.1.13"
},
{
"version_value": "6.2.1.1"
},
{
"version_value": "6.0.1.14"
},
{
"version_value": "6.1.3.3"
},
{
"version_value": "6.2.1.2"
},
{
"version_value": "6.2.2"
}
]
}
}
]
},
"vendor_name": "IBM Corporation"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "IBM UrbanCode Deploy creates temporary files during step execution that could contain sensitive information including passwords that could be read by a local user."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Obtain Information"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://www.ibm.com/support/docview.wss?uid=swg2C1000220",
"refsource": "CONFIRM",
"url": "http://www.ibm.com/support/docview.wss?uid=swg2C1000220"
},
{
"name": "95978",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/95978"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "9a959283-ebb5-44b6-b705-dcc2bbced522",
"assignerShortName": "ibm",
"cveId": "CVE-2016-2941",
"datePublished": "2017-02-01T22:00:00",
"dateReserved": "2016-03-09T00:00:00",
"dateUpdated": "2024-08-05T23:40:13.786Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}