Virsec Security Research Lab Vulnerability Analysis
The Virsec Security Research Lab provides detailed analysis on recent and notable security vulnerabilities.
IBM WebSphere Application Server 7.0, 8.0, 8.5, and 9.0 allow a remote attacker to execute arbitrary code on the system with a specially crafted sequence of serialized objects from untrusted sources. The vulnerability exists due to insecure input validation when processing serialized data. A remote attacker can pass specially crafted data to the application and execute arbitrary code on the target system. The vulnerability only occurs if an undocumented customization has been applied by an administrator.
Watch the video to learn more about this and other important vulnerabilities.
The CVSS Base Score is 9.8 (Critical)
IBM WebSphere Application Server 7.0, 8.0, 8.5, and 9.0.
As per IBM, this vulnerability was reported to IBM by Kylinking of NSFOCUS Security Team.
IBM WebSphere Application Server is a set of Java-based tools designed for network administrators, web developers, and software engineers. It enables users to develop and host Java-based web applications, build and manage websites, and manage multiple technologies in a single interface. As per HG Insights, WebSphere is been used in various industries like Banking, Health, Software manufacturers, etc. for high traffic. Based on link, below is the adoption graph by industry, most the companies with high traffic uses WebSphere.
Successful exploitation of this vulnerability may result in complete compromise of vulnerable system. This is going to have an impact on confidentiality, integrity, and availability of these critical machines. No publicly available exploits are available for this vulnerability.
Virsec Security Platform (VSP) Support
VSP-Host monitors processes that are spawned which are not part of a set of whitelisted process. Any attempt to execute new command or unknown binary would be denied by VSP-Host’s Process Monitoring capability.