IBM.WebSphere.AS.CommonsCollections.Library.Code.Execution
Description
This indicates an attack attempt against a Remote Code Execution vulnerability in IBM WebSphere Application Server.
The vulnerability is due to insufficient sanitizing of user supplied inputs in the application while handling maliciously crafted requests. A remote attacker can exploit this to execute arbitrary code within context of the affected application via a crafted request.
Affected Products
IBM WebSphere Application Server 7.0
IBM WebSphere Application Server 8.0
IBM WebSphere Application Server 8.5
IBM WebSphere Application Server 8.5.5
Impact
System Compromise: Remote attackers can gain control of vulnerable systems
Recommended Actions
Apply the most recent upgrade or patch from the vendor
http://www-01.ibm.com/support/docview.wss?uid=swg21970575
Telemetry
Coverage
IPS (Regular DB) | |
IPS (Extended DB) |
Version Updates
Date | Version | Detail |
---|---|---|
2020-11-11 | 16.960 | Name:IBM. WebSphere. CommonsCollections. Library. Remote. Code. Execution:IBM. WebSphere. AS. CommonsCollections. Library. Code. Execution |
2019-06-07 | 14.628 | Severity:high:critical |