Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
The agents in IBM UrbanCode Deploy 6.x before 6.0.1.14, 6.1.x before 6.1.3.3, and 6.2.x before 6.2.1.1 do not verify a server's identity in a JMS session or an HTTP session, which allows local users to obtain root access to arbitrary agents via unspecified vectors.
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
IBM UrbanCode Deploy 安全漏洞
Vulnerability Description
IBM UrbanCode Deploy(UCD)是美国IBM公司的一套应用自动化部署工具。该工具基于一个应用部署自动化管理信息模型,并通过远程代理技术,实现对复杂应用在不同环境下的自动化部署等。 IBM UCD中的代理存在安全漏洞,该漏洞源于程序没有验证JMS或HTTP会话中的服务器身份。本地攻击者可利用该漏洞获取任意代理的root权限。以下版本受到影响:IBM UrbanCode Deploy 6.0.1.14之前的6.x版本,6.1.3.3之前的6.1.x版本,6.2.1.1之前的6.2.x版本。
CVSS Information
N/A
Vulnerability Type
N/A