CVE-2017-1286
Get alerts for future matching vulnerabilitiesLog in to subscribe
I. Basic Information for CVE-2017-1286
Vulnerability Information
Have questions about the vulnerability? See if Shenlong's analysis helps!
View Shenlong Deep Dive ↗ Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Source: NVD (National Vulnerability Database)
Vulnerability Description
Sensitive information about the configuration of the IBM UrbanCode Deploy 6.1 through 6.9.6.0 server and database can be obtained by a user who has been given elevated permissions in the UI, even after those elevated permissions have been revoked. IBM X-Force ID: 125147.
Source: NVD (National Vulnerability Database)
CVSS Information
N/A
Source: NVD (National Vulnerability Database)
Vulnerability Type
N/A
Source: NVD (National Vulnerability Database)
Vulnerability Title
IBM UrbanCode Deploy 安全漏洞
Source: CNNVD (China National Vulnerability Database)
Vulnerability Description
IBM UrbanCode Deploy(UCD)是美国IBM公司的一套应用自动化部署工具。该工具基于一个应用部署自动化管理信息模型,并通过远程代理技术,实现对复杂应用在不同环境下的自动化部署等。 IBM UCD 6.1版本至6.9.6.0版本中存在安全漏洞。攻击者可借助在UI中提升的权限(即使权限被撤销)利用该漏洞获取有关服务器和数据库配置的敏感信息。
Source: CNNVD (China National Vulnerability Database)
CVSS Information
N/A
Source: CNNVD (China National Vulnerability Database)
Vulnerability Type
N/A
Source: CNNVD (China National Vulnerability Database)
Affected Products
| Vendor | Product | Affected Versions | CPE | Subscribe |
|---|---|---|---|---|
| - | n/a | n/a | - |
II. Public POCs for CVE-2017-1286
| # | POC Description | Source Link | Shenlong Link |
|---|
AI-Generated POCPremium
No public POC found.
Login to generate AI POCIII. Intelligence Information for CVE-2017-1286
请登录查看更多情报信息。
Vendor Advisories for CVE-2017-1286 (2)
- 🔗 https://www.ibm.com/support/docview.wss?uid=swg2C1000377x_refsource_CONFIRM
Same Patch Batch · n/a · 2018-08-13 · 15 CVEs total
| CVE-2018-10569 | Edimax EW-7438RPn Mini 跨站脚本漏洞 | |
| CVE-2018-12587 | valeuraddons German Spelling Dictionary 跨站脚本漏洞 | |
| CVE-2018-13415 | Plex Media Server XML解析引擎安全漏洞 | |
| CVE-2018-13417 | Vuze Bittorrent Client XML解析引擎安全漏洞 | |
| CVE-2018-14849 | Tiki 跨站脚本漏洞 | |
| CVE-2018-14850 | Tiki 跨站脚本漏洞 | |
| CVE-2018-14878 | JetBrains dotPeek和ReSharper Ultimate 安全漏洞 | |
| CVE-2018-15139 | OpenEMR 安全漏洞 | |
| CVE-2018-15140 | OpenEMR 路径遍历漏洞 | |
| CVE-2018-15141 | OpenEMR 路径遍历漏洞 | |
| CVE-2018-15142 | OpenEMR 路径遍历漏洞 | |
| CVE-2018-15143 | OpenEMR SQL注入漏洞 | |
| CVE-2018-15144 | OpenEMR SQL注入漏洞 | |
| CVE-2018-15145 | OpenEMR SQL注入漏洞 |
IV. Related Vulnerabilities
Same vendor: n/a
- CVE-2026-9422
KLiK SocialMediaWebsite HTTP POST Request Parameter injectio - CVE-2026-9421
KLiK SocialMediaWebsite File upload.inc.php uniqid unrestric - CVE-2026-9420
KLiK SocialMediaWebsite HTTP GET Request Parameter injection - CVE-2026-9376
JPress UCenter Article Submission Endpoint doWriteSave impro - CVE-2026-9373
JeecgBoot OpenAPI Endpoint call improper authentication
V. Comments for CVE-2017-1286
No comments yet