VDB
CISA-2022-40609
CISA-2022-40609
PUBLISHED
CVSS 8.1 HIGH
Reported by ibm · Published August 2, 2023
IBM SDK, Java Technology Edition 7.1.5.18 and 8.0.8.0 could allow a remote attacker to execute arbitrary code on the system, caused by an unsafe deserialization flaw. By sending specially-crafted data, an attacker could exploit this vulnerability to execute arbitrary code on the system. IBM X-Force ID: 236069.
Risk Scores
CVSS 3.1
8.1
CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| IBM | SDK, Java Technology Edition | 7.1.5.18, 8.0.8.0 |
| IBM | SDK, Java Technology Edition | *, 7.1.5.18, 8.0.8.0 |
Timeline
- Aug 2, 2023 CVE Published
- Oct 17, 2024 CVE Updated