exploitDog

GHSA-6p5x-3fqf-87hc

Опубликовано: 17 мая 2022

Источник: github

Github: Не прошло ревью

CVSS3: 10

Описание

IBM UrbanCode Deploy could allow a user to execute code using a specially crafted file upload that would replace code on the server. This code could be executed on the UCD agent machines that host customer's production applications.

IBM UrbanCode Deploy could allow a user to execute code using a specially crafted file upload that would replace code on the server. This code could be executed on the UCD agent machines that host customer's production applications.

Ссылки

EPSS

Процентиль: 73%

0.00768

Низкий

10 Critical

CVSS3

CVE ID

Дефекты

CWE-284

Связанные уязвимости

CVE-2016-8938

CVSS3: 10

nvd

около 9 лет назад

IBM UrbanCode Deploy could allow a user to execute code using a specially crafted file upload that would replace code on the server. This code could be executed on the UCD agent machines that host customer's production applications.

BDU:2017-02545

CVSS3: 10

fstec

около 9 лет назад

Уязвимость программного обеспечения для автоматизации выпуска приложений IBM UrbanCode Deploy (UCD), связанная с недостатками контроля доступа, позволяющая нарушителю выполнить произвольный код

EPSS

Процентиль: 73%

0.00768

Низкий

10 Critical

CVSS3

CVE ID

Дефекты

CWE-284