Description
IBM InfoSphere Information Server 11.3, 11.5, and 11.7 could allow a remote attacker to execute arbitrary code on the system, caused by the deserialization of untrusted data. By persuading a victim to visit a specially crafted Web site, an attacker could exploit this vulnerability to execute arbitrary code on the system. IBM X-Force ID: 176677.
CVSS breakdown
CVSS 3.0
Attack Complexity
High
Attack Vector
Network
Integrity
High
Scope
Unchanged
Privileges Required
None
User Interaction
None
Availability
High
Confidentiality
High
E
Unchanged
RC
Changed
RL
O
Affected products
- ibm / infosphere_information_server11.3 – 11.3
- ibm / infosphere_information_server11.5 – 11.5
- ibm / infosphere_information_server11.7 – 11.7