CVE-2025-14915

HIGH EPSS 38.9%

Published Mar 25, 20263mo ago · Modified Jun 17, 20261w ago

7.2 CVSS 3.1

High

Published Mar 25, 2026 3mo ago

Last Modified Jun 17, 2026 1w ago

Description

IBM WebSphere Application Server - Liberty 17.0.0.3 through 26.0.0.3 IBM WebSphere Application Server Liberty is affected by privilege escalation. A privileged user could gain additional access to the application server.

CVSS Details

Base Score

7.2

Exploitability

1.2

Impact

5.9

Vector string

CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H

Attack Vector Network

Attack Complexity Low

Privileges Required High

User Interaction None

Scope Unchanged

Confidentiality High

Integrity High

Availability High

Threat Intelligence

EPSS Exploit Probability

38.9% percentile

Exploit & Patch Status

No Known Exploit

No Patch Available

Weaknesses 1

CWE-200 Exposure of Sensitive Information to an Unauthorized Actor Information Exposure

Affected Products 7

Vendor	Product	Version	Range
ibm	websphere_application_server	*	≥17.0.0.3 – <26.0.0.4
apple	macos	*	any
ibm	aix	*	any
ibm	i	*	any
ibm	z\/os	*	any
linux	linux_kernel	*	any
microsoft	windows	*	any

References 1

ibm.com https://www.ibm.com/support/pages/node/7267345

Vendor Advisory

Remediation

No remediation data recorded yet

Check vendor advisories and the NVD entry for patch availability.