CyberSec.Space Logo
Back to CVE Browser

CVE-2015-7450

Known Exploited (CISA KEV)CRITICAL
9.8
CVSS Severity Score
EPSS Score77.7760%
EPSS Percentile90.71th
PublishedJan 2, 2016
Last ModifiedApr 21, 2026

Vulnerability Description

Serialized-object interfaces in certain IBM analytics, business solutions, cognitive, IT infrastructure, and mobile and social products allow remote attackers to execute arbitrary commands via a crafted serialized Java object, related to the InvokerTransformer class in the Apache Commons Collections library.

Affected Platforms (CPE)

πŸ“¦
Ibm

Sterling B2b Integrator

= 5.2
πŸ“¦
Ibm

Sterling Integrator

= 5.1
πŸ“¦
Ibm

Tivoli Common Reporting

= 2.1
πŸ“¦
Ibm

Tivoli Common Reporting

= 2.1.1
πŸ“¦
Ibm

Tivoli Common Reporting

= 2.1.1.2
πŸ“¦
Ibm

Tivoli Common Reporting

= 3.1
πŸ“¦
Ibm

Tivoli Common Reporting

= 3.1.0.1
πŸ“¦
Ibm

Tivoli Common Reporting

= 3.1.0.2
πŸ“¦
Ibm

Tivoli Common Reporting

= 3.1.2
πŸ“¦
Ibm

Tivoli Common Reporting

= 3.1.2.1
πŸ“¦
Ibm

Watson Content Analytics

>= 3.0 and <= 3.0.0.6
πŸ“¦
Ibm

Watson Content Analytics

>= 3.5 and <= 3.5.0.3
πŸ“¦
Ibm

Watson Explorer Analytical Components

>= 10.0 and <= 10.0.0.2
πŸ“¦
Ibm

Watson Explorer Analytical Components

= 11.0
πŸ“¦
Ibm

Watson Explorer Annotation Administration Console

>= 10.0 and <= 10.0.0.2
πŸ“¦
Ibm

Watson Explorer Annotation Administration Console

= 11.0
πŸ“¦
Ibm

Websphere Application Server

= 7.0.0.0
πŸ“¦
Ibm

Websphere Application Server

= 8.0.0.0
πŸ“¦
Ibm

Websphere Application Server

= 8.5
πŸ“¦
Ibm

Websphere Application Server

= 8.5.0.0
πŸ“¦
Ibm

Websphere Application Server

= 8.5.5.5

References & Advisories

πŸ”— http://www-01.ibm.com/support/docview.wss?uid=swg21970575
πŸ”— http://www-01.ibm.com/support/docview.wss?uid=swg21971342
πŸ”— http://www-01.ibm.com/support/docview.wss?uid=swg21971376
πŸ”— http://www-01.ibm.com/support/docview.wss?uid=swg21971733
πŸ”— http://www-01.ibm.com/support/docview.wss?uid=swg21971758
πŸ”— http://www-01.ibm.com/support/docview.wss?uid=swg21972799
πŸ”— http://www.securityfocus.com/bid/77653
πŸ”— http://www.securitytracker.com/id/1035125

Related Vulnerabilities

CVE-2021-299039.8

IBM Sterling B2B Integrator Standard Edition 5.2.6.0 through 6.1.1.0 is vulnerable to SQL injection. A remote attacker could send ...

CVE-2021-390859.8

IBM Sterling B2B Integrator Standard Edition 6.0.0.0 through 6.0.3.5, 6.1.0.0 through 6.1.0.4, and 6.1.1.0 through 6.1.1.1 is vuln...

CVE-2021-297989.8

IBM Sterling B2B Integrator Standard Edition 6.0.0.0 through 6.1.1.0 is vulnerable to SQL injection. A remote attacker could send ...

CVE-2012-59379.3

Unspecified vulnerability in the CLA2 server in IBM Gentran Integration Suite 4.3, Sterling Integrator 5.0 and 5.1, and Sterling B...