Intrusion Prevention

IBM.WebSphere.CommonsCollections.Library.Remote.Code.Execution

Description

This indicates an attack attempt against a Remote Code Execution vulnerability in IBM WebSphere Application Server.
The vulnerability is due to insufficient sanitizing of user supplied inputs in the application while handling maliciously crafted requests. A remote attacker can exploit this to execute arbitrary code within context of the affected application via a crafted request.

Affected Products

IBM WebSphere Application Server 7.0
IBM WebSphere Application Server 8.0
IBM WebSphere Application Server 8.5
IBM WebSphere Application Server 8.5.5

Impact

System Compromise: Remote attackers can gain control of vulnerable systems

Recommended Actions

Apply the most recent upgrade or patch from the vendor
http://www-01.ibm.com/support/docview.wss?uid=swg21970575

CVE References

CVE-2015-7450