CVE-2020-27583

Published: Jan 26, 2021Modified: Nov 21, 2024

9.8

Vector

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Exploitability: 3.9 / Impact: 5.9

Source: NVD

Description

IBM InfoSphere Information Server 8.5.0.0 is affected by deserialization of untrusted data which could allow remote unauthenticated attackers to execute arbitrary code. NOTE: This vulnerability only affects products that are no longer supported by the maintainer

Affected (1)

Products: Ibm: Infosphere Information Server

1 product

Infosphere Information Server

Configuration A

1 vulnerable

Vulnerable Software	Affected Versions
Ibm Infosphere Information Server	Version 8.5

Related CWEs

Deserialization of Untrusted Data

The product deserializes untrusted data without sufficiently verifying that the resulting data will be valid.

References (2)

https://n4nj0.github.io/advisories/ibm-infosphere-java-deserialization/

Source: cve@mitre.org

ExploitThird Party Advisory

https://n4nj0.github.io/advisories/ibm-infosphere-java-deserialization/

Source: af854a3a-2127-422b-91ae-364da2661108

ExploitThird Party Advisory

Timeline

No history available yet.