Security Bulletin: A security vulnerability has been identified in IBM WebSphere Application Server shipped with IBM Integrated Information Core (CVE-2016-5983)

Summary

IBM WebSphere Application Server is shipped as a component of IBM Integrated Information Core. Information about a security vulnerability affecting IBM WebSphere Application Server has been published in a security bulletin.

Vulnerability Details

CVEID: CVE-2016-5983**
DESCRIPTION:** IBM WebSphere Application Server could allow remote attackers to execute arbitrary Java code with a serialized object from untrusted sources.
CVSS Base Score: 7.5
CVSS Temporal Score: See https://exchange.xforce.ibmcloud.com/vulnerabilities/116468 for the current score
CVSS Environmental Score*: Undefined
CVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H)

Affected Products and Versions

Principal Product and Version(s)

| Affected Supporting Product and Version
—|—
IBM Integrated Information Core V1.5, V1.5.0.1 and V1.5.0.2| IBM WebSphere Application Server V7.0

Remediation/Fixes

Consult the security bulletin: Code execution vulnerability in WebSphere Application Server (CVE-2016-5983) for vulnerability details and information about fixes.