IBM Security Bulletin: IBM i2 COPLINK BeanShell Vulnerability (CVE-2016-2510)
IBM i2 COPLINK is affected by a BeanShell vulnerability. IBM has addressed this vulnerability. BeanShell could allow a remote attacker to execute arbitrary code on the system, caused by the deserialization of untrusted data using Java serialization or XStream, an attacker could exploit this vulnerability deserialize data and execute arbitrary code on the system.
CVE(s): CVE-2016-2510
Affected product(s) and affected version(s):
IBM i2 COPLINK Intel LEAD – all Versions from 4.8 – 4.9.1.1 client only. Server is not affected.
Refer to the following reference URLs for remediation and additional vulnerability details:
Source Bulletin: http://ift.tt/2mHoznw
X-Force Database: http://ift.tt/1W1VwYd
The post IBM Security Bulletin: IBM i2 COPLINK BeanShell Vulnerability (CVE-2016-2510) appeared first on IBM PSIRT Blog.
from IBM Product Security Incident Response Team http://ift.tt/2mGmng5