High Severity

Security Bulletin: CVE-2020-26217 XStream before version 1.4.14 is vulnerable to Remote Code Execution.The vulnerability may allow a remote attacker to run arbitrary shell commands only by manipulating the processed input stream.

Share this post:

CVE-2020-26217 XStream before version 1.4.14 is vulnerable to Remote Code Execution.The vulnerability may allow a remote attacker to run arbitrary shell commands only by manipulating the processed input stream.

Affected product(s) and affected version(s):

Affected Product(s) Version(s)
UCD – IBM UrbanCode Deploy 7.1.0.0
UCD – IBM UrbanCode Deploy 6.2.7.8
UCD – IBM UrbanCode Deploy 7.0.5.3

Refer to the following reference URLs for remediation and additional vulnerability details:  
Source Bulletin: https://www.ibm.com/support/pages/node/6374126

More stories

Security Bulletin: Security Vulnerabilities in GNU glibc affect IBM Cloud Pak for Data – GNU glibc (CVE-2020-1751)

Jan 13, 2021 7:02 pm EST | High Severity

Security Vulnerabilities in GNU glibc affect IBM Cloud Pak for Data - GNU glibc (CVE-2020-1751) ...read more


Security Bulletin: IBM has announced a release for IBM Security Identity Governance and Intelligence in response to security vulnerabilities (CVE-2015-9381, CVE-2015-9382)

Jan 13, 2021 7:02 pm EST | High Severity

IBM has announced a release for IBM Security Identity Governance and Intelligence (IGI) in response to security vulnerabilities. The vulnerabilities concerns Freetype: a remote attacker could obtain sensitive information or cause a denial of service. ...read more


Security Bulletin: IBM Security Privileged Identity Manager is affected by security vulnerabilities

Jan 13, 2021 7:02 pm EST | High Severity

IBM Security Privileged Identity Manager has addressed an issue for NTP as follows. ...read more