CVE-2016-9008

Published: Feb 1, 2017Modified: May 13, 2026

7.5

Vector

CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N

Exploitability: 3.9 / Impact: 3.6

Source: NVD

Description

IBM UrbanCode Deploy could allow a malicious user to access the Agent Relay ActiveMQ Broker JMX interface and run plugins on the agent.

Affected (42)

Products: Ibm: Urbancode Deploy

1 product

Urbancode Deploy

Configuration A

42 vulnerable

Vulnerable Software	Affected Versions
Ibm Urbancode Deploy	Version 6.0.1.10
Ibm Urbancode Deploy	Version 6.0.1.11
Ibm Urbancode Deploy	Version 6.0.1.12
Ibm Urbancode Deploy	Version 6.0.1.13
Ibm Urbancode Deploy	Version 6.0.1.14
Ibm Urbancode Deploy	Version 6.0.1.1
Ibm Urbancode Deploy	Version 6.0.1.2
Ibm Urbancode Deploy	Version 6.0.1.3
Ibm Urbancode Deploy	Version 6.0.1.4
Ibm Urbancode Deploy	Version 6.0.1.5
Ibm Urbancode Deploy	Version 6.0.1.6
Ibm Urbancode Deploy	Version 6.0.1.7
Ibm Urbancode Deploy	Version 6.0.1.8
Ibm Urbancode Deploy	Version 6.0.1.9
Ibm Urbancode Deploy	Version 6.0.1
Ibm Urbancode Deploy	Version 6.0
Ibm Urbancode Deploy	Version 6.1.0.1
Ibm Urbancode Deploy	Version 6.1.0.2
Ibm Urbancode Deploy	Version 6.1.0.3
Ibm Urbancode Deploy	Version 6.1.0.4
Ibm Urbancode Deploy	Version 6.1.1.1
Ibm Urbancode Deploy	Version 6.1.1.2
Ibm Urbancode Deploy	Version 6.1.1.3
Ibm Urbancode Deploy	Version 6.1.1.4
Ibm Urbancode Deploy	Version 6.1.1.5
Ibm Urbancode Deploy	Version 6.1.1.6
Ibm Urbancode Deploy	Version 6.1.1.7
Ibm Urbancode Deploy	Version 6.1.1.8
Ibm Urbancode Deploy	Version 6.1.1
Ibm Urbancode Deploy	Version 6.1.2
Ibm Urbancode Deploy	Version 6.1.3.1
Ibm Urbancode Deploy	Version 6.1.3.2
Ibm Urbancode Deploy	Version 6.1.3.3
Ibm Urbancode Deploy	Version 6.1.3
Ibm Urbancode Deploy	Version 6.1
Ibm Urbancode Deploy	Version 6.2.0.0
Ibm Urbancode Deploy	Version 6.2.0.1
Ibm Urbancode Deploy	Version 6.2.0.2
Ibm Urbancode Deploy	Version 6.2.1.1
Ibm Urbancode Deploy	Version 6.2.1
Ibm Urbancode Deploy	Version 6.2.2.1
Ibm Urbancode Deploy	Version 6.2.2

Related CWEs

Improper Access Control

The product does not restrict or incorrectly restricts access to a resource from an unauthorized actor.

References (4)

http://www.ibm.com/support/docview.wss?uid=swg2C1000238

Source: psirt@us.ibm.com

PatchVendor Advisory

http://www.securityfocus.com/bid/95283

Source: psirt@us.ibm.com

Third Party AdvisoryVDB Entry

http://www.ibm.com/support/docview.wss?uid=swg2C1000238

Source: af854a3a-2127-422b-91ae-364da2661108

PatchVendor Advisory

http://www.securityfocus.com/bid/95283

Source: af854a3a-2127-422b-91ae-364da2661108

Third Party AdvisoryVDB Entry

Timeline

No history available yet.