Published: 02/08/2023 Updated: 07/08/2023

CVSS v3 Base Score: 9.8 | Impact Score: 5.9 | Exploitability Score: 3.9

VMScore: 0

IBM SDK, Java Technology Edition 7.1.5.18 and 8.0.8.0 could allow a remote malicious user to execute arbitrary code on the system, caused by an unsafe deserialization flaw. By sending specially-crafted data, an attacker could exploit this vulnerability to execute arbitrary code on the system. IBM X-Force ID: 236069.

Vulnerable Product	Search on Vulmon	Subscribe to Product
ibm sdk

Synopsis Important: java-180-ibm security update Type/Severity Security Advisory: Important Red Hat Insights patch analysis Identify and remediate systems affected by this advisory View affected systems Topic An update for java-180-ibm is now available for Red Hat Enterprise Linux 7 SupplementaryRed Hat Product Security has ra ...

Synopsis Important: java-180-ibm security update Type/Severity Security Advisory: Important Red Hat Insights patch analysis Identify and remediate systems affected by this advisory View affected systems Topic An update for java-180-ibm is now available for Red Hat Enterprise Linux 8Red Hat Product Security has rated this updat ...

DescriptionA flaw was found in IBM SDK, Java Technology Edition, which could allow a remote attacker to execute arbitrary code on the system caused by an unsafe deserialization flaw An attacker could exploit this vulnerability by sending specially-crafted data to execute arbitrary code on the systemA flaw was found in IBM SDK, Java Technol ...

CWE-502 https://exchange.xforce.ibmcloud.com/vulnerabilities/236069 https://www.ibm.com/support/pages/node/7017032 https://access.redhat.com/errata/RHSA-2023:4160 https://nvd.nist.gov https://access.redhat.com/security/cve/cve-2022-40609

CVE-2022-40609

Vulnerability Summary

Vulnerability Trend

Vendor Advisories

References

Vulmon Search

About

Products

Connect