The vulnerability of WebSphere Application Server application servers, related to errors in ViewState configuration, allows attackers to execute arbitrary code.

🗓️ 14 Sep 2018 00:00:00Reported by FSTEC of Russia — Information Security Threat DatabaseType

bdu_fstec

bdu_fstec🔗 bdu.fstec.ru👁 3 Views

WebSphere Application Server vulnerability in ViewState configuration allows remote attacker to execute arbitrary code.

Vulners

Node

ibm websphere_application_serverMatch7.0.0.0

OR

ibm websphere_application_serverMatch7.0.0.1

OR

ibm websphere_application_serverMatch7.0.0.3

OR

ibm websphere_application_serverMatch7.0.0.5

OR

ibm websphere_application_serverMatch7.0.0.7

OR

ibm websphere_application_serverMatch7.0.0.9

OR

ibm websphere_application_serverMatch7.0.0.11

OR

ibm websphere_application_serverMatch7.0.0.13

OR

ibm websphere_application_serverMatch7.0.0.15

OR

ibm websphere_application_serverRange7.0.0.17–7.0.0.19

OR

ibm websphere_application_serverRange7.0.0.21–7.0.0.43

OR

ibm websphere_application_serverMatch7.0.0.45

OR

ibm websphere_application_serverRange8.0.0.0–8.0.0.15

OR

ibm websphere_application_serverRange8.5.0.0–8.5.0.2

OR

ibm websphere_application_serverRange8.5.1.0–8.5.4.0

OR

ibm websphere_application_serverRange8.5.5.0–8.5.5.14

Source	Link
securitylab	www.securitylab.ru/vulnerability/495237.php
cybersecurity-help	www.cybersecurity-help.cz/vdb/SB2018082207
www-01	www.www-01.ibm.com/support/docview.wss

23 Mar 2021 00:00Current

5.9Medium risk

Vulners AI Score5.9

CVSS 27.6

CVSS 38.1

WebSphere Application Server ViewState configuration Remote code execution Vulnerability