IBM Operational Decision Manager 漏洞列表

IBM Operational Decision Manager 8.10.3, 8.10.4, 8.10.5.1, 8.11, 8.11.0.1, and 8.12.0.1 could allow a remote authenticated attacker to execute arbitrary code on the system, caused by an unsafe deserialization. By sending specially crafted request, an attacker could exploit this vulnerability to execute arbitrary code in the context of SYSTEM. IBM X-Force ID: 279146. shodan: html:"IBM ODM" fofa: title="IBM ODM"

IBM Operational Decision Manager 8.10.3, 8.10.4, 8.10.5.1, 8.11, 8.11.0.1, and 8.12.0.1 is susceptible to remote code execution attack via JNDI injection when passing an unchecked argument to a certain API. IBM X-Force ID: 279145.

IBM Operational Decision Manager 8.10.3, 8.10.4, 8.10.5.1, 8.11, 8.11.0.1, and 8.12.0.1 could allow a remote authenticated attacker to execute arbitrary code on the system, caused by an unsafe deserialization. By sending specially crafted request, an attacker could exploit this vulnerability to execute arbitrary code in the context of SYSTEM. IBM X-Force ID: 279146.

IBM Operational Decision Manager存在代码执行漏洞，此漏洞是由于对请求的外部数据进行不安全的反序列化所导致的。

IBM Operational Decision Manager8.10.3、8.10.4、8.10.5.1、8.11、8.11.0.1和8.12.0.1在向某个API传递未经检查的参数时，容易受到通过JNDI注入的远程代码执行攻击。IBMX-Force ID:279145。