CyberSec.Space Logo
Back to CVE Browser

CVE-2020-27583

CRITICAL
9.8
CVSS Severity Score
EPSS Score0.1430%
EPSS Percentile33.97th
PublishedJan 26, 2021
Last ModifiedNov 21, 2024

Vulnerability Description

IBM InfoSphere Information Server 8.5.0.0 is affected by deserialization of untrusted data which could allow remote unauthenticated attackers to execute arbitrary code. NOTE: This vulnerability only affects products that are no longer supported by the maintainer

Affected Platforms (CPE)

📦
Ibm

Infosphere Information Server

= 8.5

References & Advisories

🔗 https://n4nj0.github.io/advisories/ibm-infosphere-java-deserialization/
🔗 https://n4nj0.github.io/advisories/ibm-infosphere-java-deserialization/

Related Vulnerabilities

CVE-2009-424010.0

Multiple buffer overflows in unspecified setuid executables in the DataStage subsystem in IBM InfoSphere Information Server 8.1 be...

CVE-2012-02049.3

Untrusted search path vulnerability in InfoSphere Import Export Manager 8.1 through 9.1 in InfoSphere Information Server MetaBroke...

CVE-2021-389489.1

IBM InfoSphere Information Server 11.7 is vulnerable to an XML External Entity Injection (XXE) attack when processing XML data. A ...

CVE-2017-13839.1

IBM InfoSphere Information Server 9.1, 11.3, and 11.5 is vulnerable to a XML External Entity Injection (XXE) attack when processin...