CVE-2018-1904 : IBM WebSphere Application Server 7.0, 8.0, 8.5, and 9.0 could allow remote attac

IBM WebSphere Application Server 7.0, 8.0, 8.5, and 9.0 could allow remote attackers to execute arbitrary Java code through an administrative client class with a serialized object from untrusted sources. IBM X-Force ID: 152533.

Published 2018-12-11 16:29:02

Updated 2019-10-09 23:39:19

Source IBM Corporation

View at NVD, CVE.org

Products affected by CVE-2018-1904

IBM » Websphere Application Server
Versions from including (>=) 9.0.0.0 and up to, including, (<=) 9.0.0.9
cpe:2.3:a:ibm:websphere_application_server:*:*:*:*:*:*:*:*
Matching versions
IBM » Websphere Application Server
Versions from including (>=) 8.5.0.0 and up to, including, (<=) 8.5.5.14
cpe:2.3:a:ibm:websphere_application_server:*:*:*:*:*:*:*:*
Matching versions
IBM » Websphere Application Server
Versions from including (>=) 7.0.0.0 and up to, including, (<=) 7.0.0.45
cpe:2.3:a:ibm:websphere_application_server:*:*:*:*:*:*:*:*
Matching versions
IBM » Websphere Application Server
Versions from including (>=) 8.0.0.0 and up to, including, (<=) 8.0.0.15
cpe:2.3:a:ibm:websphere_application_server:*:*:*:*:*:*:*:*
Matching versions

Threat overview for CVE-2018-1904

Top countries where our scanners detected CVE-2018-1904

Top open port discovered on systems with this issue 9080

IPs affected by CVE-2018-1904 609

Threat actors abusing to this issue? Yes

Find out if you^* are affected by CVE-2018-1904!

^*Directly or indirectly through your vendors, service providers and 3rd parties. Powered by attack surface intelligence from SecurityScorecard.

Exploit prediction scoring system (EPSS) score for CVE-2018-1904

EPSS FAQ

0.81%

Probability of exploitation activity in the next 30 days EPSS Score History

~ 82 %

Percentile, the proportion of vulnerabilities that are scored at or less

CVSS scores for CVE-2018-1904

Base Score	Base Severity	CVSS Vector	Exploitability Score	Impact Score	Score Source
7.5	HIGH	AV:N/AC:L/Au:N/C:P/I:P/A:P	10.0	6.4	NIST
Access Vector: Network Access Complexity: Low Authentication: None Confidentiality Impact: Partial Integrity Impact: Partial Availability Impact: Partial
9.8	CRITICAL	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H	3.9	5.9	NIST
Attack Vector: Network Attack Complexity: Low Privileges Required: None User Interaction: None Scope: Unchanged Confidentiality: High Integrity: High Availability: High
8.1	HIGH	CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H	2.2	5.9	IBM Corporation
Attack Vector: Network Attack Complexity: High Privileges Required: None User Interaction: None Scope: Unchanged Confidentiality: High Integrity: High Availability: High

CWE ids for CVE-2018-1904

CWE-502 Deserialization of Untrusted Data

The product deserializes untrusted data without sufficiently ensuring that the resulting data will be valid.

Assigned by: nvd@nist.gov (Primary)

References for CVE-2018-1904

https://www-01.ibm.com/support/docview.wss?uid=ibm10738735

IBM Security Bulletin: Potential Remote code execution vulnerability in WebSphere Application Server (CVE-2018-1904)
Patch;Vendor Advisory
https://exchange.xforce.ibmcloud.com/vulnerabilities/152533

IBM WebSphere Application Server code execution CVE-2018-1904 Vulnerability Report
Vendor Advisory;VDB Entry
http://www.securityfocus.com/bid/106193

IBM WebSphere Application Server CVE-2018-1904 Remote Code Execution Vulnerability
Third Party Advisory;VDB Entry