IBM.WebSphere.AS.CommonsCollections.Library.Code.Execution

description-logoDescription

This indicates an attack attempt against a Remote Code Execution vulnerability in IBM WebSphere Application Server.
The vulnerability is due to insufficient sanitizing of user supplied inputs in the application while handling maliciously crafted requests. A remote attacker can exploit this to execute arbitrary code within context of the affected application via a crafted request.

affected-products-logoAffected Products

IBM WebSphere Application Server 7.0
IBM WebSphere Application Server 8.0
IBM WebSphere Application Server 8.5
IBM WebSphere Application Server 8.5.5

Impact logoImpact

System Compromise: Remote attackers can gain control of vulnerable systems

recomended-action-logoRecommended Actions

Apply the most recent upgrade or patch from the vendor
http://www-01.ibm.com/support/docview.wss?uid=swg21970575

Telemetry logoTelemetry

Coverage

IPS (Regular DB)
IPS (Extended DB)

Version Updates

Date Version Detail
2020-11-11 16.960 Name:IBM.
WebSphere.
CommonsCollections.
Library.
Remote.
Code.
Execution:IBM.
WebSphere.
AS.
CommonsCollections.
Library.
Code.
Execution
2019-06-07 14.628 Severity:high:critical