1. Symantec/
  2. Security Response/
  3. Attack Signatures/
  4. Web Attack: IBM WebSphere RCE CVE-2015-7450

Web Attack: IBM WebSphere RCE CVE-2015-7450

Severity: High

This attack could pose a serious security threat. You should take immediate action to stop any damage or prevent further damage from happening.

Description

This signature detects attempts to exploit a remote code execution vulnerability in IBM WebSphere Application.

Additional Information

IBM WebSphere Application Server is prone to a remote code-execution vulnerability because it fails to properly perform deserialization on input Java objects. Specifically, this issue affects the 'Java InvokerTransformer' class.

Successfully exploiting this issue allows attackers to execute arbitrary code in the context of the affected application.

Affected

  • IBM WebSphere 7.0.0.0
  • Twitter
  • Facebook
  • LinkedIn
  • Google+
  • YouTube