← Back

CVE-2016-0271

nvd nist
Published: Jul 8, 2016Modified: May 6, 2026

JSON object

Loading...
8.2
Vector
CVSS:3.0/AV:L/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H
Exploitability: 1.5 / Impact: 6.0
Source: NVD

Description

The agents in IBM UrbanCode Deploy 6.x before 6.0.1.14, 6.1.x before 6.1.3.3, and 6.2.x before 6.2.1.1 do not verify a server's identity in a JMS session or an HTTP session, which allows local users to obtain root access to arbitrary agents via unspecified vectors.

Affected (37)

Ibm
1 product
Urbancode Deploy
Configuration A
37 vulnerable
Vulnerable SoftwareAffected Versions
Ibm
Urbancode Deploy
Version 6.0.1.0
Urbancode Deploy
Version 6.0.1.10
Urbancode Deploy
Version 6.0.1.11
Urbancode Deploy
Version 6.0.1.12
Urbancode Deploy
Version 6.0.1.13
Urbancode Deploy
Version 6.0.1.1
Urbancode Deploy
Version 6.0.1.2
Urbancode Deploy
Version 6.0.1.3
Urbancode Deploy
Version 6.0.1.4
Urbancode Deploy
Version 6.0.1.5
Urbancode Deploy
Version 6.0.1.6
Urbancode Deploy
Version 6.0.1.7
Urbancode Deploy
Version 6.0.1.8
Urbancode Deploy
Version 6.0.1.9
Urbancode Deploy
Version 6.0
Urbancode Deploy
Version 6.1.0.1
Urbancode Deploy
Version 6.1.0.2
Urbancode Deploy
Version 6.1.0.3
Urbancode Deploy
Version 6.1.0.4
Urbancode Deploy
Version 6.1.1.0
Urbancode Deploy
Version 6.1.1.1
Urbancode Deploy
Version 6.1.1.2
Urbancode Deploy
Version 6.1.1.3
Urbancode Deploy
Version 6.1.1.4
Urbancode Deploy
Version 6.1.1.5
Urbancode Deploy
Version 6.1.1.6
Urbancode Deploy
Version 6.1.1.7
Urbancode Deploy
Version 6.1.1.8
Urbancode Deploy
Version 6.1.2
Urbancode Deploy
Version 6.1.3.1
Urbancode Deploy
Version 6.1.3.2
Urbancode Deploy
Version 6.1.3
Urbancode Deploy
Version 6.1
Urbancode Deploy
Version 6.2.0.0
Urbancode Deploy
Version 6.2.0.1
Urbancode Deploy
Version 6.2.0.2
Urbancode Deploy
Version 6.2.1

Related CWEs

CWE-264
CWE-264

References (2)

Source: psirt@us.ibm.com
Vendor Advisory
Source: af854a3a-2127-422b-91ae-364da2661108
Vendor Advisory

Timeline

No history available yet.