Vulnerability Details: CVE-2015-7450
Public exploit exists!
Serialized-object interfaces in certain IBM analytics, business solutions, cognitive, IT infrastructure, and mobile and social products allow remote attackers to execute arbitrary commands via a crafted serialized Java object, related to the InvokerTransformer class in the Apache Commons Collections library.
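The description above names the two things a defender can actually look for on the wire: a Java serialization stream arriving at an interface that deserializes it, and a class descriptor for org.apache.commons.collections.functors.InvokerTransformer (or its usual companions) inside that stream. The following Python is an added example, not code from this CVE entry, from IBM, or from Apache. It scans a request body for Java serialization streams (raw, or base64-encoded as they often are inside XML or SOAP bodies), and reports which known gadget class names the stream declares. Assumptions, labelled in the code: the gadget class list is an illustrative subset of the public Commons Collections chains, the sample bodies are constructed, and build_stub_stream produces a syntactically plausible fixture that declares one class with no fields; it is a detection fixture, not a gadget chain.

```python
import base64
import re
import struct

# Java serialization stream header: STREAM_MAGIC (0xACED) + STREAM_VERSION (5)
STREAM_MAGIC = b"\xac\xed\x00\x05"
TC_OBJECT = 0x73         # new object follows
TC_CLASSDESC = 0x72      # new class descriptor: tag, 2-byte length, UTF-8 class name
TC_ENDBLOCKDATA = 0x78
TC_NULL = 0x70

# Assumption: illustrative subset of class names used by the public Apache Commons
# Collections gadget chains. InvokerTransformer is the class named in the CVE text;
# the others are the classes it is typically chained with. Extend as needed.
GADGET_CLASSES = (
    "org.apache.commons.collections.functors.InvokerTransformer",
    "org.apache.commons.collections.functors.ChainedTransformer",
    "org.apache.commons.collections.functors.ConstantTransformer",
    "org.apache.commons.collections.map.LazyMap",
    "org.apache.commons.collections4.functors.InvokerTransformer",
)

# Runs of base64 text long enough to carry a stream header (base64 of AC ED 00 05 starts "rO0AB").
BASE64_RUN = re.compile(rb"[A-Za-z0-9+/]{16,}={0,2}")


def classdesc_pattern(class_name: str) -> bytes:
    """Exact bytes a TC_CLASSDESC record uses to name a class: tag, 2-byte big-endian length, name."""
    encoded = class_name.encode("utf-8")
    return bytes([TC_CLASSDESC]) + struct.pack(">H", len(encoded)) + encoded


def find_serialized_streams(body: bytes):
    """Yield Java serialization streams carried raw or base64-encoded inside a request body."""
    if STREAM_MAGIC in body:
        yield body
    for match in BASE64_RUN.finditer(body):
        try:
            decoded = base64.b64decode(match.group(0), validate=True)
        except ValueError:  # binascii.Error: not base64 after all, or bad padding
            continue
        if decoded.startswith(STREAM_MAGIC):
            yield decoded


def classify(body: bytes) -> dict:
    """Report whether a body carries Java serialized data and which gadget classes it declares."""
    verdict = {"serialized": False, "gadgets": []}
    for stream in find_serialized_streams(body):
        verdict["serialized"] = True
        for name in GADGET_CLASSES:
            if classdesc_pattern(name) in stream and name not in verdict["gadgets"]:
                verdict["gadgets"].append(name)
    return verdict


def build_stub_stream(class_name: str) -> bytes:
    """Constructed fixture: a stream declaring one class with no fields (assumption: a detection
    test input only, not a working gadget chain; it carries no transformer chain or command)."""
    return (
        STREAM_MAGIC
        + bytes([TC_OBJECT])
        + classdesc_pattern(class_name)
        + b"\x00" * 8               # serialVersionUID (dummy value)
        + b"\x02"                   # class descriptor flags: SC_SERIALIZABLE
        + b"\x00\x00"               # field count: 0
        + bytes([TC_ENDBLOCKDATA])  # end of class annotation
        + bytes([TC_NULL])          # no superclass descriptor
    )


# Constructed sample bodies (not captured traffic).
SAMPLE_PLAIN = b"GET /index.html HTTP/1.1\r\nHost: app.example\r\n\r\n"
SAMPLE_BENIGN = build_stub_stream("java.util.HashMap")
SAMPLE_GADGET = build_stub_stream("org.apache.commons.collections.functors.InvokerTransformer")
# Assumption: a generic XML wrapper standing in for any body that carries the stream base64-encoded.
SAMPLE_XML = b"<request><payload>" + base64.b64encode(SAMPLE_GADGET) + b"</payload></request>"

if __name__ == "__main__":
    for label, body in (("plain", SAMPLE_PLAIN), ("benign", SAMPLE_BENIGN),
                        ("gadget", SAMPLE_GADGET), ("xml", SAMPLE_XML)):
        print(label, classify(body))
```

Matching on the full TC_CLASSDESC record (tag, length, name) rather than on the bare class name string avoids firing on the same name appearing in an unrelated text field, and the base64 pass catches the common case where the stream is wrapped in an XML or SOAP body. A "serialized but no gadget" verdict is still worth logging: any endpoint accepting untrusted Java serialized input is the root condition this CVE describes, and the class list only covers chains that are already public.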
Products affected by CVE-2015-7450
- cpe:2.3:a:ibm:websphere_application_server:8.5.5.5:*:*:*:liberty:*:*:*
- cpe:2.3:a:ibm:websphere_application_server:8.5:*:*:*:traditional:*:*:*
- cpe:2.3:a:ibm:websphere_application_server:7.0.0.0:*:*:*:-:*:*:*
- cpe:2.3:a:ibm:websphere_application_server:8.0.0.0:*:*:*:-:*:*:*
- cpe:2.3:a:ibm:websphere_application_server:8.5.0.0:*:*:*:hypervisor:*:*:*
- cpe:2.3:a:ibm:tivoli_common_reporting:3.1.2:*:*:*:*:*:*:*
- cpe:2.3:a:ibm:tivoli_common_reporting:3.1.0.1:*:*:*:*:*:*:*
- cpe:2.3:a:ibm:tivoli_common_reporting:3.1.0.2:*:*:*:*:*:*:*
- cpe:2.3:a:ibm:tivoli_common_reporting:3.1:*:*:*:*:*:*:*
- cpe:2.3:a:ibm:tivoli_common_reporting:2.1.1.2:*:*:*:*:*:*:*
- cpe:2.3:a:ibm:tivoli_common_reporting:2.1.1:*:*:*:*:*:*:*
- cpe:2.3:a:ibm:tivoli_common_reporting:3.1.2.1:*:*:*:*:*:*:*
- cpe:2.3:a:ibm:tivoli_common_reporting:2.1:*:*:*:*:*:*:*
- cpe:2.3:a:ibm:sterling_integrator:5.1:*:*:*:*:*:*:*
- cpe:2.3:a:ibm:sterling_b2b_integrator:5.2:*:*:*:*:*:*:*
- cpe:2.3:a:ibm:watson_content_analytics:*:*:*:*:*:*:*:*
- cpe:2.3:a:ibm:watson_explorer_analytical_components:*:*:*:*:*:*:*:* (versions from 10.0 up to and including 10.0.0.2)
- cpe:2.3:a:ibm:watson_explorer_analytical_components:11.0:*:*:*:*:*:*:*
- cpe:2.3:a:ibm:watson_explorer_annotation_administration_console:*:*:*:*:*:*:*:* (versions from 10.0 up to and including 10.0.0.2)
- cpe:2.3:a:ibm:watson_explorer_annotation_administration_console:11.0:*:*:*:*:*:*:*
CVE-2015-7450 is in the CISA Known Exploited Vulnerabilities Catalog
CISA vulnerability name: IBM WebSphere Application Server and Server Hypervisor Edition Code Injection
CISA required action: Apply updates per vendor instructions.
CISA description: Serialized-object interfaces in certain IBM analytics, business solutions, cognitive, IT infrastructure, and mobile and social products allow remote attackers to execute arbitrary commands.
Notes: https://nvd.nist.gov/vuln/detail/CVE-2015-7450
Added on: 2022-01-10
Action due date: 2022-07-10
Exploit prediction scoring system (EPSS) score for CVE-2015-7450
EPSS score: 97.27% (probability of exploitation activity in the next 30 days)
EPSS percentile: ~100% (the proportion of vulnerabilities scored at or below this one)
Metasploit modules for CVE-2015-7450
- IBM WebSphere RCE Java Deserialization Vulnerability
  Disclosure date: 2015-11-06; first seen: 2020-04-26
  Module: exploit/windows/misc/ibm_websphere_java_deserialize
  This module exploits a vulnerability in IBM's WebSphere Application Server. An unsafe deserialization call of unauthenticated Java objects exists to the Apache Commons Collections (ACC) library, which allows remote arbitrary code execution. Authentication is not required in
CVSS scores for CVE-2015-7450
Base Score | Base Severity | CVSS Vector | Exploitability Score | Impact Score | Score Source | First Seen
---|---|---|---|---|---|---
10.0 | HIGH | AV:N/AC:L/Au:N/C:C/I:C/A:C | 10.0 | 10.0 | NIST |
9.8 | CRITICAL | CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H | 3.9 | 5.9 | NIST |
9.8 | CRITICAL | CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H | 3.9 | 5.9 | NIST | 2024-07-24
References for CVE-2015-7450
- IBM Security Bulletin: Vulnerability in Apache Commons affects IBM WebSphere Application Server (CVE-2015-7450). Vendor Advisory. http://www-01.ibm.com/support/docview.wss?uid=swg21970575
- IBM Security Bulletin: Vulnerability in Apache Commons affects IBM Cognos Controller (CVE-2015-7450). Vendor Advisory. http://www-01.ibm.com/support/docview.wss?uid=swg21971342
- IBM InfoSphere Information Server Lets Remote Authenticated Users Hijack the Target User's Session (SecurityTracker). Broken Link; Third Party Advisory; VDB Entry. http://www.securitytracker.com/id/1035125
- IBM Security Bulletin: Multiple vulnerability in Product IBM Tivoli Common Reporting (CVE-2015-7436, CVE-2015-7435, CVE-2012-6153, CVE-2014-3577, CVE-2015-7450, CVE-2015-4872). Vendor Advisory. http://www-01.ibm.com/support/docview.wss?uid=swg21972799
- IBM WebSphere Application Server CVE-2015-7450 Remote Code Execution Vulnerability (SecurityFocus BID 77653). Broken Link; Third Party Advisory; VDB Entry. http://www.securityfocus.com/bid/77653
- IBM support document swg21971376 (page no longer displayed by IBM). Vendor Advisory. http://www-01.ibm.com/support/docview.wss?uid=swg21971376
- IBM Security Bulletin: Vulnerability in Apache Commons affects Watson Explorer and Watson Content Analytics (CVE-2015-7450). Broken Link. http://www-01.ibm.com/support/docview.wss?uid=swg21971733
- IBM WebSphere - RCE Java Deserialization (Metasploit). Exploit; Third Party Advisory; VDB Entry. https://www.exploit-db.com/exploits/41613/
- IBM Security Bulletin: Vulnerability in Apache Commons affects IBM Sterling B2B Integrator (CVE-2015-7450). Vendor Advisory. http://www-01.ibm.com/support/docview.wss?uid=swg21971758