IBM.WebSphere.AS.Malformed.Serialized.Object.DOS
Description
This indicates an attempt to exploit a Denial of Service vulnerability in IBM WebSphere Application Server.
The vulnerability is due to insufficient sanitization of user-supplied input when the application handles maliciously crafted HTTP requests. A remote attacker can exploit this to cause a denial of service on the target server via a crafted HTTP request.
Affected Products
IBM WebSphere Application Server 7.0.0.41 and prior versions
IBM WebSphere Application Server 8.0.0.12 and prior versions
IBM WebSphere Application Server 8.5.5.10 and prior versions
IBM WebSphere Application Server 9.0.0.1 and prior versions
IBM WebSphere Application Server Liberty 16.0.0.2 and prior versions
Impact
Denial of Service: Remote attackers can crash vulnerable systems.
Recommended Actions
Apply the latest update from the vendor.
https://www-01.ibm.com/support/docview.wss?uid=swg21990060
Coverage
IPS (Regular DB)
IPS (Extended DB)
Version Updates
Date | Version | Detail |
---|---|---|
2020-11-19 | 16.965 | Name:IBM.WebSphere.Application.Malformed.Serialized.Object.DOS:IBM.WebSphere.AS.Malformed.Serialized.Object.DOS |