CVE 2016-2942

IBM UrbanCode Deploy could allow an authenticated attacker with special permissions to craft a script on the server in a way that will cause processes to run on a remote UCD agent machine.

See the CVE page on Mitre.org for more details.