QID 730553

Date Published: 2022-07-06

QID 730553: UrbanCode Deploy Arbitrary Code Execution Vulnerability (6485647)

IBM UrbanCode Deploy, formerly known as uDeploy, is a GUI-based deployment automation tool used to orchestrate and automate the installation and deployment of IBM Sterling Order Management.

Affected Products
UCD - IBM UrbanCode Deploy 7.1.1.1
UCD - IBM UrbanCode Deploy 7.0.5.3
UCD - IBM UrbanCode Deploy 7.1.1.2
UCD - IBM UrbanCode Deploy 7.1.1.0
UCD - IBM UrbanCode Deploy 7.1.0.0
UCD - IBM UrbanCode Deploy 7.0.5.4
UCD - IBM UrbanCode Deploy 6.2.7.4
UCD - IBM UrbanCode Deploy 6.2.7.3
UCD - IBM UrbanCode Deploy 6.2.7.8
UCD - IBM UrbanCode Deploy 7.0.4.0
UCD - IBM UrbanCode Deploy 6.2.7.9
UCD - IBM UrbanCode Deploy 7.0.3.0
UCD - IBM UrbanCode Deploy All

QID Detection Logic (Unauthenticated):
The check reads the IBM UrbanCode Deploy version from the web root page and flags the host if that version is vulnerable.

A remote attacker could overflow a buffer and execute arbitrary code on the system or cause the application to crash.

  • CVSS V3 rated as Critical - 9.8 severity.
  • CVSS V2 rated as High - 7.5 severity.

Solution
Customers are advised to refer to 6485647 for more information.

Vendor References

CVEs related to QID 730553

Software Advisories
Advisory ID: 6485647
Link: www.ibm.com/support/pages/node/6485647