Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
ibmIBMBAE50838DBA5EC5D7C652AC72A4669F4191050CE0543B14024B790C32926FC2D
HistoryFeb 06, 2019 - 12:25 p.m.

Security Bulletin: Content Collector for Email is affected by 3RD PARTY IBM WebSphere Application Server Deserialization

2019-02-0612:25:01
www.ibm.com
5

EPSS

0.005

Percentile

76.4%

JSON

Summary

Content Collector for Email has addressed the following vulnerability. IBM WebSphere Application Server could allow remote attackers to execute arbitrary Java code through an administrative client class with a serialized object from untrusted sources.

Vulnerability Details

CVEID: CVE-2018-1904 DESCRIPTION: IBM WebSphere Application Server could allow remote attackers to execute arbitrary Java code through an administrative client class with a serialized object from untrusted sources.
CVSS Base Score: 8.1
CVSS Temporal Score: See <https://exchange.xforce.ibmcloud.com/vulnerabilities/152533&gt; for the current score
CVSS Environmental Score*: Undefined
CVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H)

Affected Products and Versions

Content Collector for Email v4.0.1

Remediation/Fixes

Product

| VRM | Remediation
—|—|—
Content Collector for Email | 4.0.1 | Use_ _Content Collector for Email 4.0.1.8 Interim Fix 009

Workarounds and Mitigations

NA

Related

ibm 39
prion 1
cvelist 1
nessus 1
nvd 1
cve 1
ibm
ibm
Security Bulletin: A security vulnerability has been identified in IBM WebSphere Application Server shipped with OpenPages GRC Platform (CVE-2018-1904)
2019-01-25 20:50:01
Security Bulletin: Potential Remote code execution vulnerability in WebSphere Application Server may affect IBM InfoSphere Identity Insight (CVE-2018-1904)
2019-08-07 20:57:34
Security Bulletin: Security vulnerability is identified in the WebSphere Application Server where the Rational Asset Manager is deployed (CVE-2018-1904)
2019-01-03 13:05:01
prion
prion
Code injection
2018-12-11 16:29:00
cvelist
cvelist
CVE-2018-1904
2018-12-11 16:00:00
nessus
nessus
IBM WebSphere Application Server Remote Code Execution Vulnerability (CVE-2018-1904)
2019-06-20 00:00:00
nvd
nvd
CVE-2018-1904
2018-12-11 16:29:02
cve
cve
CVE-2018-1904
2018-12-11 16:29:02

EPSS

0.005

Percentile

76.4%

JSON
Related for BAE50838DBA5EC5D7C652AC72A4669F4191050CE0543B14024B790C32926FC2D
ibm39prion1cvelist1nessus1nvd1cve1