CVE-2016-0365

Published: Jul 1, 2016Modified: May 6, 2026

5.9

Vector

CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N

Exploitability: 2.2 / Impact: 3.6

Source: NVD

Description

IBM UrbanCode Deploy 6.0.x before 6.0.1.13, 6.1.x before 6.1.3.3, and 6.2.x before 6.2.1.1, when agent-relay Codestation artifact caching is enabled, allows remote attackers to bypass authentication and obtain sensitive artifact information via unspecified vectors.

Affected (36)

Products: Ibm: Urbancode Deploy

Ibm

1 product

Urbancode Deploy

Configuration A

36 vulnerable

Vulnerable Software	Affected Versions
Ibm Urbancode Deploy	Version 6.0.1.0
Ibm Urbancode Deploy	Version 6.0.1.10
Ibm Urbancode Deploy	Version 6.0.1.11
Ibm Urbancode Deploy	Version 6.0.1.12
Ibm Urbancode Deploy	Version 6.0.1.1
Ibm Urbancode Deploy	Version 6.0.1.2
Ibm Urbancode Deploy	Version 6.0.1.3
Ibm Urbancode Deploy	Version 6.0.1.4
Ibm Urbancode Deploy	Version 6.0.1.5
Ibm Urbancode Deploy	Version 6.0.1.6
Ibm Urbancode Deploy	Version 6.0.1.7
Ibm Urbancode Deploy	Version 6.0.1.8
Ibm Urbancode Deploy	Version 6.0.1.9
Ibm Urbancode Deploy	Version 6.0
Ibm Urbancode Deploy	Version 6.1.0.1
Ibm Urbancode Deploy	Version 6.1.0.2
Ibm Urbancode Deploy	Version 6.1.0.3
Ibm Urbancode Deploy	Version 6.1.0.4
Ibm Urbancode Deploy	Version 6.1.1.0
Ibm Urbancode Deploy	Version 6.1.1.1
Ibm Urbancode Deploy	Version 6.1.1.2
Ibm Urbancode Deploy	Version 6.1.1.3
Ibm Urbancode Deploy	Version 6.1.1.4
Ibm Urbancode Deploy	Version 6.1.1.5
Ibm Urbancode Deploy	Version 6.1.1.6
Ibm Urbancode Deploy	Version 6.1.1.7
Ibm Urbancode Deploy	Version 6.1.1.8
Ibm Urbancode Deploy	Version 6.1.2
Ibm Urbancode Deploy	Version 6.1.3.1
Ibm Urbancode Deploy	Version 6.1.3.2
Ibm Urbancode Deploy	Version 6.1.3
Ibm Urbancode Deploy	Version 6.1
Ibm Urbancode Deploy	Version 6.2.0.0
Ibm Urbancode Deploy	Version 6.2.0.1
Ibm Urbancode Deploy	Version 6.2.0.2
Ibm Urbancode Deploy	Version 6.2.1

Related CWEs

CWE-200

Exposure of Sensitive Information to an Unauthorized Actor

The product exposes sensitive information to an actor that is not explicitly authorized to have access to that information.

References (4)

http://www-01.ibm.com/support/docview.wss?uid=swg2C1000149

Source: psirt@us.ibm.com

Vendor Advisory

http://www.securityfocus.com/bid/91526

Source: psirt@us.ibm.com

http://www-01.ibm.com/support/docview.wss?uid=swg2C1000149

Source: af854a3a-2127-422b-91ae-364da2661108

Vendor Advisory

http://www.securityfocus.com/bid/91526

Source: af854a3a-2127-422b-91ae-364da2661108

Timeline

No history available yet.