HTTP: IBM WebSphere WASPostParam cookie Untrusted Java Deserialization

This signature detects attempts to exploit a known vulnerability in IBM WebSphere. Successful exploitation could cause a denial of service and potentially allow arbitrary code execution on the affected system.

Extended Description

IBM WebSphere Application Server (WAS) 7.0 before 7.0.0.43, 8.0 before 8.0.0.13, 8.5 before 8.5.5.11, 9.0 before 9.0.0.2, and Liberty before 16.0.0.4 allows remote authenticated users to execute arbitrary Java code via a crafted serialized object.

Affected Products

IBM websphere_application_server

References

CVE: CVE-2016-5983

Short Name: HTTP:WEBSPHERE:WASPOSTPARAM-JD
Severity: Major
Recommended: True
Recommended Action: Drop
Category: HTTP
Keywords: CVE-2016-5983 Deserialization IBM Java Untrusted WASPostParam WebSphere cookie
Release Date: 11/10/2016
Supported Platforms

srx-branch-12.3

srx-19.3

srx-branch-19.3

vsrx3bsd-19.2

srx-branch-19.4

vsrx-19.4

mx-12.3

mx-19.4

vmx-19.4

mx-19.3

vsrx3bsd-19.4

srx-19.4

vsrx-12.3

vmx-19.3

vsrx-19.2

srx-12.3

Sigpack Version: 3375
False Positive: Unknown
Vendors

IBM

CVSS Score

6.5
