Vulnerabilities > CVE-2020-27583 - Deserialization of Untrusted Data vulnerability in IBM Infosphere Information Server 8.5

CVSS 9.8 - CRITICAL

Attack vector

NETWORK

Attack complexity

LOW

Privileges required

NONE

Confidentiality impact

HIGH

Integrity impact

HIGH

Availability impact

HIGH

network

low complexity

ibm

CWE-502

critical

NVD

Published: 2021-01-26

Updated: 2024-08-04

Summary

IBM InfoSphere Information Server 8.5.0.0 is affected by deserialization of untrusted data which could allow remote unauthenticated attackers to execute arbitrary code. NOTE: This vulnerability only affects products that are no longer supported by the maintainer

Vulnerable Configurations

Part	Description	Count
Application	Ibm IBM Infosphere Information Server 8.5	1

Common Weakness Enumeration (CWE)

CWE-502 - Deserialization of Untrusted Data

References

https://n4nj0.github.io/advisories/ibm-infosphere-java-deserialization/