CVE-2025-14915

CWE-200Information Exposure4 documents4 sources
Severity
7.2HIGH
EPSS
0.0%
top 89.26%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
2
IBM Websphere Application ServerIBM Websphere Application Server - Liberty
Timeline
PublishedMar 25

Description

IBM WebSphere Application Server - Liberty 17.0.0.3 through 26.0.0.3 IBM WebSphere Application Server Liberty is affected by privilege escalation. A privileged user could gain additional access to the application server.

CVSS vector

CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:NExploitability: 1.2 | Impact: 5.2

Affected Packages2 packages

CVEListV5ibm/websphere_application_server_-_liberty17.0.0.326.0.0.3
NVDibm/websphere_application_server17.0.0.326.0.0.4

🔴Vulnerability Details

2
GHSA
GHSA-c39w-6qgm-5cp7: IBM WebSphere Application Server - Liberty 172026-03-25
CVEList
IBM WebSphere Application Server Liberty is affected by a privilege escalation vulnerability2026-03-25

🕵️Threat Intelligence

1
Wiz
CVE-2025-14915 Impact, Exploitability, and Mitigation Steps | Wiz