CVE-2018-1851

Summary

IBM WebSphere Application Server Liberty OpenID Connect could allow a remote attacker to execute arbitrary code on the system, caused by improper deserialization. By sending a specially-crafted request to the RP service, an attacker could exploit this vulnerability to execute arbitrary code. IBM X-Force ID: 150999.

Affected Software

VendorProductVersion RangeStatus
IBMWebSphere Application ServerLibertyaffected

Weaknesses

  • Gain Access

ADP Enrichment

CVE Program Container

Additional References

References