Vulnerabilities > CVE-2015-7450 - Unspecified vulnerability in IBM products
Attack vector
NETWORK Attack complexity
LOW Privileges required
NONE Confidentiality impact
HIGH Integrity impact
HIGH Availability impact
HIGH Summary
Serialized-object interfaces in certain IBM analytics, business solutions, cognitive, IT infrastructure, and mobile and social products allow remote attackers to execute arbitrary commands via a crafted serialized Java object, related to the InvokerTransformer class in the Apache Commons Collections library.
Vulnerable Configurations
Exploit-Db
| description | IBM WebSphere - RCE Java Deserialization (Metasploit). CVE-2015-7450. Remote exploit for Windows platform. Tags: Metasploit Framework |
| file | exploits/windows/remote/41613.rb |
| id | EDB-ID:41613 |
| last seen | 2017-03-15 |
| modified | 2017-03-15 |
| platform | windows |
| port | 8800 |
| published | 2017-03-15 |
| reporter | Exploit-DB |
| source | https://www.exploit-db.com/download/41613/ |
| title | IBM WebSphere - RCE Java Deserialization (Metasploit) |
| type | remote |
Metasploit
| description | This module exploits a vulnerability in IBM's WebSphere Application Server. An unsafe deserialization call of unauthenticated Java objects exists to the Apache Commons Collections (ACC) library, which allows remote arbitrary code execution. Authentication is not required in order to exploit this vulnerability. |
| id | MSF:EXPLOIT/WINDOWS/MISC/IBM_WEBSPHERE_JAVA_DESERIALIZE |
| last seen | 2020-06-01 |
| modified | 2017-07-24 |
| published | 2017-03-13 |
| references |
|
| reporter | Rapid7 |
| source | https://github.com/rapid7/metasploit-framework/blob/master//modules/exploits/windows/misc/ibm_websphere_java_deserialize.rb |
| title | IBM WebSphere RCE Java Deserialization Vulnerability |
Nessus
| NASL family | Web Servers |
| NASL id | WEBSPHERE_JAVA_SERIALIZE.NASL |
| description | The remote IBM WebSphere Application Server is affected by a remote code execution vulnerability due to unsafe deserialize calls of unauthenticated Java objects to the Apache Commons Collections (ACC) library. An unauthenticated, remote attacker can exploit this, by sending a crafted SOAP request, to execute arbitrary code on the target host. |
| last seen | 2020-06-01 |
| modified | 2020-06-02 |
| plugin id | 87171 |
| published | 2015-12-02 |
| reporter | This script is Copyright (C) 2015-2019 and is owned by Tenable, Inc. or an Affiliate thereof. |
| source | https://www.tenable.com/plugins/nessus/87171 |
| title | IBM WebSphere Java Object Deserialization RCE |
Packetstorm
| data source | https://packetstormsecurity.com/files/download/141631/ibm_websphere_java_deserialize.rb.txt |
| id | PACKETSTORM:141631 |
| last seen | 2017-03-15 |
| published | 2017-03-14 |
| reporter | Liatsis Fotios |
| source | https://packetstormsecurity.com/files/141631/IBM-WebSphere-Remote-Code-Execution-Java-Deserialization.html |
| title | IBM WebSphere Remote Code Execution Java Deserialization |
Saint
| description | IBM WebSphere Management Server Apache Commons |
| id | web_dev_webspherever |
| title | websphere_serialjava |
| type | remote |
References
- http://www-01.ibm.com/support/docview.wss?uid=swg21972799
- http://www-01.ibm.com/support/docview.wss?uid=swg21971342
- http://www-01.ibm.com/support/docview.wss?uid=swg21971376
- http://www-01.ibm.com/support/docview.wss?uid=swg21971758
- http://www-01.ibm.com/support/docview.wss?uid=swg21970575
- http://www-01.ibm.com/support/docview.wss?uid=swg21971733
- http://www.securityfocus.com/bid/77653
- https://www.exploit-db.com/exploits/41613/
- http://www.securitytracker.com/id/1035125