Home Unlabelled IBM Security Bulletin: Content Collector for Email is affected by java deserialization vulnerability resulting in execution of untrusted data via the application server’s SOAP port

IBM Security Bulletin: Content Collector for Email is affected by java deserialization vulnerability resulting in execution of untrusted data via the application server’s SOAP port

By
Monday, November 26, 2018
Read
Add Comment

Nov 26, 2018 8:01 am EST

Categorized: High Severity

Share this post:

Content Collector for Email has addressed the following vulnerability. IBM WebSphere Application Server could allow remote attackers to execute arbitrary Java code through the SOAP connector with a serialized object from untrusted sources.

CVE(s): CVE-2018-1567

Affected product(s) and affected version(s):

Content Collector for Email v4.0.1

Refer to the following reference URLs for remediation and additional vulnerability details:
Source Bulletin: https://www-01.ibm.com/support/docview.wss?uid=ibm10738339
X-Force Database: https://exchange.xforce.ibmcloud.com/vulnerabilities/143024



from IBM Product Security Incident Response Team https://ift.tt/2ReV4XF
Tags :

Created By Nexus · Powered by Blogger
© All Rights Reserved

Terms Of Service · Privacy Policy · Disclaimer · Contact Us · About Us