Published: 01/02/2017 Updated: 13/02/2017

CVSS v2 Base Score: 10 | Impact Score: 10 | Exploitability Score: 10

CVSS v3 Base Score: 10 | Impact Score: 6 | Exploitability Score: 3.9

VMScore: 890

Vector: AV:N/AC:L/Au:N/C:C/I:C/A:C

IBM UrbanCode Deploy could allow a user to execute code using a specially crafted file upload that would replace code on the server. This code could be executed on the UCD agent machines that host customer's production applications.

Vulnerable Product	Search on Vulmon	Subscribe to Product
ibm urbancode deploy 6.0.1.11
ibm urbancode deploy 6.0.1.12
ibm urbancode deploy 6.0.1.13
ibm urbancode deploy 6.0.1.14
ibm urbancode deploy 6.1.1
ibm urbancode deploy 6.1.1.1
ibm urbancode deploy 6.1.1.2
ibm urbancode deploy 6.1.1.3
ibm urbancode deploy 6.2.1
ibm urbancode deploy 6.2.1.1
ibm urbancode deploy 6.2.2
ibm urbancode deploy 6.2.2.1
ibm urbancode deploy 6.0.1
ibm urbancode deploy 6.0.1.10
ibm urbancode deploy 6.0.1.2
ibm urbancode deploy 6.0.1.4
ibm urbancode deploy 6.0.1.6
ibm urbancode deploy 6.1.0.1
ibm urbancode deploy 6.1.0.3
ibm urbancode deploy 6.1.1.5
ibm urbancode deploy 6.1.1.7
ibm urbancode deploy 6.2.0.0
ibm urbancode deploy 6.2.0.2
ibm urbancode deploy 6.0.1.7
ibm urbancode deploy 6.0.1.8
ibm urbancode deploy 6.0.1.9
ibm urbancode deploy 6.1
ibm urbancode deploy 6.1.1.8
ibm urbancode deploy 6.1.2
ibm urbancode deploy 6.1.3
ibm urbancode deploy 6.1.3.1
ibm urbancode deploy 6.1.3.2
ibm urbancode deploy 6.0
ibm urbancode deploy 6.0.1.1
ibm urbancode deploy 6.0.1.3
ibm urbancode deploy 6.0.1.5
ibm urbancode deploy 6.1.0.2
ibm urbancode deploy 6.1.0.4
ibm urbancode deploy 6.1.1.4
ibm urbancode deploy 6.1.1.6
ibm urbancode deploy 6.1.3.3
ibm urbancode deploy 6.2.0.1

CWE-284 http://www.ibm.com/support/docview.wss?uid=swg2C1000237 http://www.securityfocus.com/bid/95289 https://nvd.nist.gov

CVE-2016-8938

Vulnerability Summary

Vulnerability Trend

References

Vulmon Search

About

Products

Connect