CVE-2015-7450
02.01.2016, 21:59
Serialized-object interfaces in certain IBM analytics, business solutions, cognitive, IT infrastructure, and mobile and social products allow remote attackers to execute arbitrary commands via a crafted serialized Java object, related to the InvokerTransformer class in the Apache Commons Collections library.Enginsight
| Vendor | Product | Version |
|---|---|---|
| ibm | sterling_b2b_integrator | 5.2 |
| ibm | sterling_integrator | 5.1 |
| ibm | tivoli_common_reporting | 2.1 |
| ibm | tivoli_common_reporting | 2.1.1 |
| ibm | tivoli_common_reporting | 2.1.1.2 |
| ibm | tivoli_common_reporting | 3.1 |
| ibm | tivoli_common_reporting | 3.1.0.1 |
| ibm | tivoli_common_reporting | 3.1.0.2 |
| ibm | tivoli_common_reporting | 3.1.2 |
| ibm | tivoli_common_reporting | 3.1.2.1 |
| ibm | watson_content_analytics | 3.0 ≤ 𝑥 ≤ 3.0.0.6 |
| ibm | watson_content_analytics | 3.5 ≤ 𝑥 ≤ 3.5.0.3 |
| ibm | watson_explorer_analytical_components | 10.0 ≤ 𝑥 ≤ 10.0.0.2 |
| ibm | watson_explorer_analytical_components | 11.0 |
| ibm | watson_explorer_annotation_administration_console | 10.0 ≤ 𝑥 ≤ 10.0.0.2 |
| ibm | watson_explorer_annotation_administration_console | 11.0 |
| ibm | websphere_application_server | 7.0.0.0 |
| ibm | websphere_application_server | 8.0.0.0 |
| ibm | websphere_application_server | 8.5 |
| ibm | websphere_application_server | 8.5.0.0 |
| ibm | websphere_application_server | 8.5.5.5 |
𝑥
= Vulnerable software versions
Common Weakness Enumeration
References