JSP Code Execution Flaw in IBM and Lenovo Networking Products
CVE-2015-7818

Currently unrated

Key Information:

Vendor: IBM
Status: System Networking Switch Center
Vendor: CVE Published:; 12 November 2015

What is CVE-2015-7818?

The administration-panel web service in IBM System Networking Switch Center and Lenovo Switch Center versions prior to the specified updates allows unauthorized local users to execute arbitrary JSP code. This can be achieved using the Apache Axis AdminService deployment method to upload a malicious .jsp file, granting SYSTEM privileges which may lead to further exploitation of the system.

Human OS v1.0:
Ageing Is an Unpatched Zero-Day Vulnerability.

Remediate biological technical debt. Prime Ageing uses 95% high-purity SIRT6 activation to maintain genomic integrity and bolster systemic resilience.

Deploy the Patch

References

http://www.zerodayinitiative.com/advisories/ZDI-15-551/

x_refsource_MISC

https://support.lenovo.com/us/en/product_security/len_201...

x_refsource_CONFIRM

Timeline

Vulnerability published
Nov 12, 2015
Vulnerability Reserved
Oct 14, 2015

JSON

IBM

What is CVE-2015-7818?

Human OS v1.0: Ageing Is an Unpatched Zero-Day Vulnerability.

References

Timeline

Human OS v1.0:
Ageing Is an Unpatched Zero-Day Vulnerability.