Ibm Urbancode_deploy
63 CVEs affecting Ibm Urbancode_deploy. Latest disclosed: 2025-12-15. Critical: 1, High: 13.
| CVE | Severity | Score | Published | Summary |
|---|---|---|---|---|
CVE-2016-8938 | Critical | 10.0 | 2017-02-01 | IBM UrbanCode Deploy could allow a user to execute code using a specially crafted file upload that would replace code on the server. This code could be execute… |
CVE-2022-22315 | High | 8.8 | 2022-04-27 | IBM UrbanCode Deploy (UCD) 7.2.2.1 could allow an authenticated user with special permissions to obtain elevated privileges due to improper handling of permiss… |
CVE-2020-4202 | High | 8.8 | 2020-04-23 | IBM UrbanCode Deploy (UCD) 7.0.3.0 and 7.0.4.0 could allow an authenticated user to impersonate another user if the server is configured to enable Distributed… |
CVE-2014-8900 | High | 8.8 | 2017-08-28 | Cross-site request forgery (CSRF) vulnerability in IBM UrbanCode Release 6.0.1.6 and earlier, 6.1.0.7 and earlier, and 6.1.1.1 and earlier. |
CVE-2020-4481 | High | 8.2 | 2020-08-05 | IBM UrbanCode Deploy (UCD) 6.2.7.3, 6.2.7.4, 7.0.3.0, and 7.0.4.0 is vulnerable to an XML External Entity Injection (XXE) attack when processing XML data. A re… |
CVE-2016-0271 | High | 8.2 | 2016-07-08 | The agents in IBM UrbanCode Deploy 6.x before 6.0.1.14, 6.1.x before 6.1.3.3, and 6.2.x before 6.2.1.1 do not verify a server's identity in a JMS session or an… |
CVE-2017-1149 | High | 8.1 | 2017-04-25 | IBM UrbanCode Deploy (UCD) 6.0, 6.1, and 6.2 is vulnerable to a denial of service, caused by an XML External Entity Injection (XXE) error when processing XML d… |
CVE-2016-0267 | High | 7.7 | 2016-06-29 | IBM UrbanCode Deploy 6.0.x before 6.0.1.13, 6.1.x before 6.1.3.3, and 6.2.x before 6.2.1.1 allows remote authenticated users to obtain sensitive cleartext secu… |
CVE-2021-39082 | High | 7.5 | 2022-04-29 | IBM UrbanCode Deploy (UCD) 7.1.1.2 uses weaker than expected cryptographic algorithms that could allow an attacker to decrypt highly sensitive information. |
CVE-2022-22327 | High | 7.5 | 2022-04-01 | IBM UrbanCode Deploy (UCD) 7.0.5, 7.1.0, 7.1.1, and 7.1.2 uses weaker than expected cryptographic algorithms that could allow an attacker to decrypt highly sen… |
CVE-2016-9008 | High | 7.5 | 2017-02-01 | IBM UrbanCode Deploy could allow a malicious user to access the Agent Relay ActiveMQ Broker JMX interface and run plugins on the agent. |
CVE-2016-6068 | High | 7.5 | 2017-02-01 | IBM UrbanCode Deploy could allow an authenticated user with access to the REST endpoints to access API and CLI getResource secured role properties. |
CVE-2016-2942 | High | 7.5 | 2017-02-01 | IBM UrbanCode Deploy could allow an authenticated attacker with special permissions to craft a script on the server in a way that will cause processes to run o… |
CVE-2024-55904 | High | 7.2 | 2025-02-14 | IBM DevOps Deploy 8.0 through 8.0.1.4, 8.1 through 8.1.0.0 / IBM UrbanCode Deploy 7.0 through 7.0.5.25, 7.1 through 7.1.2.21, 7.2 through 7.2.3.14, and 7.3 thr… |
CVE-2022-35716 | Medium | 6.5 | 2022-08-01 | IBM UrbanCode Deploy (UCD) 6.2.0.0 through 6.2.7.16, 7.0.0.0 through 7.0.5.11, 7.1.0.0 through 7.1.2.7, and 7.2.0.0 through 7.2.3.0 could allow an authenticate… |
CVE-2020-4482 | Medium | 6.5 | 2020-11-06 | IBM UrbanCode Deploy (UCD) 6.2.7.3, 6.2.7.4, 7.0.3.0, and 7.0.4.0 could allow an authenticated user to bypass security. A user with access to a snapshot could… |
CVE-2017-1286 | Medium | 6.5 | 2018-08-13 | Sensitive information about the configuration of the IBM UrbanCode Deploy 6.1 through 6.9.6.0 server and database can be obtained by a user who has been given… |
CVE-2024-56469 | Medium | 6.3 | 2025-03-27 | IBM UrbanCode Deploy (UCD) 7.1 through 7.1.2.22, 7.2 through 7.2.3.15, and 7.3 through 7.3.2.10 / IBM DevOps Deploy 8.0 through 8.0.1.5 and 8.1 through 8.1.0.1… |
CVE-2024-22358 | Medium | 6.3 | 2024-04-12 | IBM UrbanCode Deploy (UCD) 7.0 through 7.0.5.20, 7.1 through 7.1.2.16, 7.2 through 7.2.3.9, 7.3 through 7.3.2.4 and IBM DevOps Deploy 8.0 through 8.0.0.1 does… |
CVE-2024-45091 | Medium | 6.2 | 2025-01-21 | IBM UrbanCode Deploy (UCD) 7.0 through 7.0.5.24, 7.1 through 7.1.2.10, and 7.2 through 7.2.3.13 stores potentially sensitive information in log files that coul… |