Filtered by vendor Ibm
Subscriptions
Filtered by product Urbancode Deploy
Subscriptions
Total
50 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2017-1286 | 1 Ibm | 1 Urbancode Deploy | 2024-08-05 | N/A |
| Sensitive information about the configuration of the IBM UrbanCode Deploy 6.1 through 6.9.6.0 server and database can be obtained by a user who has been given elevated permissions in the UI, even after those elevated permissions have been revoked. IBM X-Force ID: 125147. | ||||
| CVE-2017-1149 | 1 Ibm | 1 Urbancode Deploy | 2024-08-05 | N/A |
| IBM UrbanCode Deploy (UCD) 6.0, 6.1, and 6.2 is vulnerable to a denial of service, caused by an XML External Entity Injection (XXE) error when processing XML data. A remote attacker could exploit this vulnerability to expose highly sensitive information or consume all available memory resources. IBM X-Force ID: 122202. | ||||
| CVE-2022-46771 | 1 Ibm | 1 Urbancode Deploy | 2024-08-03 | 4.6 Medium |
| IBM UrbanCode Deploy (UCD) 6.2.0.0 through 6.2.7.18, 7.0.5.0 through 7.0.5.13, 7.1.0.0 through 7.1.2.9, 7.2.0.0 through 7.2.3.2 and 7.3.0.0 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 242273. | ||||
| CVE-2022-43877 | 1 Ibm | 1 Urbancode Deploy | 2024-08-03 | 5.1 Medium |
| IBM UrbanCode Deploy (UCD) versions up to 7.3.0.1 could disclose sensitive password information during a manual edit of the agentrelay.properties file. IBM X-Force ID: 240148. | ||||
| CVE-2022-40751 | 1 Ibm | 1 Urbancode Deploy | 2024-08-03 | 4.9 Medium |
| IBM UrbanCode Deploy (UCD) 6.2.7.0 through 6.2.7.17, 7.0.0.0 through 7.0.5.12, 7.1.0.0 through 7.1.2.8, and 7.2.0.0 through 7.2.3.1 could allow a user with administrative privileges including "Manage Security" permissions may be able to recover a credential previously saved for performing authenticated LDAP searches. IBM X-Force ID: 236601. | ||||
| CVE-2023-47161 | 1 Ibm | 1 Urbancode Deploy | 2024-08-02 | 5.3 Medium |
| IBM UrbanCode Deploy (UCD) 7.1 through 7.1.2.14, 7.2 through 7.2.3.7, and 7.3 through 7.3.2.2 may mishandle input validation of an uploaded archive file leading to a denial of service due to resource exhaustion. IBM X-Force ID: 270799. | ||||
| CVE-2023-42013 | 1 Ibm | 1 Urbancode Deploy | 2024-08-02 | 5.3 Medium |
| IBM UrbanCode Deploy (UCD) 7.1 through 7.1.2.14, 7.2 through 7.2.3.7, and 7.3 through 7.3.2.2 could allow a remote attacker to obtain sensitive information when a detailed technical error message is returned in the browser. This information could be used in further attacks against the system. IBM X-Force ID: 265510. | ||||
| CVE-2023-42015 | 1 Ibm | 1 Urbancode Deploy | 2024-08-02 | 4.3 Medium |
| IBM UrbanCode Deploy (UCD) 7.1 through 7.1.2.14, 7.2 through 7.2.3.7, and 7.3 through 7.3.2.2 is vulnerable to HTML injection. This vulnerability may allow a user to embed arbitrary HTML tags in the Web UI potentially leading to sensitive information disclosure. IBM X-Force ID: 265512. | ||||
| CVE-2023-42012 | 1 Ibm | 1 Urbancode Deploy | 2024-08-02 | 6.2 Medium |
| An IBM UrbanCode Deploy Agent 7.2 through 7.2.3.7, and 7.3 through 7.3.2.2 installed as a Windows service in a non-standard location could be subject to a denial of service attack by local accounts. IBM X-Force ID: 265509. | ||||
| CVE-2024-22331 | 1 Ibm | 2 Devops Deploy, Urbancode Deploy | 2024-08-01 | 6.2 Medium |
| IBM UrbanCode Deploy (UCD) 7.0 through 7.0.5.19, 7.1 through 7.1.2.15, 7.2 through 7.2.3.8, 7.3 through 7.3.2.3, and IBM UrbanCode Deploy (UCD) - IBM DevOps Deploy 8.0.0.0 could disclose sensitive user information when installing the Windows agent. IBM X-Force ID: 279971. | ||||