Serialized-object interfaces in certain IBM analytics, business solutions, cognitive, IT infrastructure, and mobile and social products allow remote malicious users to execute arbitrary commands via a crafted serialized Java object, related to the InvokerTransformer class in the Apache Commons Collections library.
| Vulnerable Product | Search on Vulmon | Subscribe to Product |
|---|---|---|
ibm tivoli common reporting 3.1.2 |
||
ibm tivoli common reporting 3.1.0.2 |
||
ibm tivoli common reporting 3.1.0.1 |
||
ibm tivoli common reporting 3.1 |
||
ibm tivoli common reporting 3.1.2.1 |
||
ibm tivoli common reporting 2.1 |
||
ibm tivoli common reporting 2.1.1.2 |
||
ibm tivoli common reporting 2.1.1 |
Vulmon