CVE-2025-36099
Severity
4.9MEDIUM
EPSS
0.1%
top 79.86%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
Timeline
PublishedSep 29
Description
IBM WebSphere Application Server 8.5 and 9.0 is vulnerable to a denial of service, caused by sending a specially-crafted request. A privileged user could exploit this vulnerability to cause the server to consume memory resources.
CVSS vector
CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:HExploitability: 1.2 | Impact: 3.6