Added: 02/03/2016
CVE: CVE-2015-7450
IBM WebSphere Management console 7.x and 8.5.0 - 8.5.5.7 are packaged with a vulnerable version of the Apache Commons package.
Apache Commons Collections could allow a remote attacker to execute arbitrary code on the system, caused by the deserialization of data with Java InvokerTransformer class. By sending specially crafted data, an attacker could exploit this vulnerability to execute arbitrary Java code on the system.
This exploit was tested against WebSphere 8.5.5.1 on Redhat Enterprise Linux 7.
<http://www-01.ibm.com/support/docview.wss?uid=swg21970575>
Install the patch provided in IBM security bulletin swg21970575.
Linux