Deserialization of untrusted data

2020-07-0919:15:00

PRIOn knowledge base

www.prio-n.com

8.6 High

AI Score

Confidence

High

0.01 Low

EPSS

Percentile

83.8%

JSON

IBM InfoSphere Information Server 11.3, 11.5, and 11.7 could allow a remote attacker to execute arbitrary code on the system, caused by the deserialization of untrusted data. By persuading a victim to visit a specially crafted Web site, an attacker could exploit this vulnerability to execute arbitrary code on the system. IBM X-Force ID: 176677.

CPENameOperatorVersion
infosphere_information_servereq11.3.0
infosphere_information_servereq11.5.0
infosphere_information_serverge11.7.0.0
infosphere_information_serverle11.7.1.1
infosphere_information_server_on_cloudge11.7.0.0
infosphere_information_server_on_cloudle11.7.1.1
infosphere_information_server_on_cloudeq11.5.0.0

Name	Operator	Version
infosphere_information_server	eq	11.3.0
infosphere_information_server	eq	11.5.0
infosphere_information_server	ge	11.7.0.0
infosphere_information_server	le	11.7.1.1
infosphere_information_server_on_cloud	ge	11.7.0.0
infosphere_information_server_on_cloud	le	11.7.1.1
infosphere_information_server_on_cloud	eq	11.5.0.0