CVE-2020-27583Deserialization of Untrusted Data in IBM Infosphere Information Server

CWE-502Deserialization of Untrusted Data3 documents3 sources
Severity
9.8CRITICALNVD
EPSS
4.2%
top 11.21%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
1
IBM Infosphere Information Server
Timeline
PublishedJan 26
Latest updateMay 24

Description

IBM InfoSphere Information Server 8.5.0.0 is affected by deserialization of untrusted data which could allow remote unauthenticated attackers to execute arbitrary code. NOTE: This vulnerability only affects products that are no longer supported by the maintainer

CVSS vector

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:HExploitability: 3.9 | Impact: 5.9

Affected Packages1 packages

🔴Vulnerability Details

2
GHSA
GHSA-wffw-394c-6775: ** UNSUPPORTED WHEN ASSIGNED ** IBM InfoSphere Information Server 82022-05-24
CVEList
CVE-2020-27583: IBM InfoSphere Information Server 82021-01-21
CVE-2020-27583 — Deserialization of Untrusted Data | cvebase