IBM WebSphere Application Server 8.5 and 9.0 could allow a remote attacker to execute arbitrary code on the system with a specially-crafted sequence of serialized objects from untrusted sources. IBM X-Force ID: 160445. – nvd.nist.gov description
Recent assessments:
jrobles-r7 at May 29, 2019 4:00pm UTC reported:
Deserialization flaw. I tested a module that was able to get SYSTEM access by exploiting the flaw.
Assessed Attacker Value: 0
Assessed Attacker Value: 0Assessed Attacker Value: 4