CVE-2025-13333

🗓️ 17 Feb 2026 22:45:10Reported by ibmType

WebSphere Application Server settings administration could be weaker in versions nine and eight.

Reporter	Title	Published	Views	Family All 29
IBM Security Bulletins	Security Bulletin: IBM Tivoli Composite Application Manager for Application Diagnostics installed IBM WebSphere Application Server traditional which could provide weaker than expected security.	17 Feb 202608:45	–	ibm
IBM Security Bulletins	Security Bulletin: Due to the use of IBM WebSphere Application Server, IBM Tivoli Network Manager (ITNM) IP Edition is affected by vulnerability (CVE-2025-13333).	13 Apr 202613:50	–	ibm
IBM Security Bulletins	Security Bulletin: Multiple vulnerabilities in IBM WebSphere Application Server, which impacts IBM Tivoli Netcool Configuration Manager	18 Apr 202602:39	–	ibm
IBM Security Bulletins	Security Bulletin: Security Vulnerabilities were found in IBM WebSphere Application Server provided with IBM Security Verify Directory (CVE-2025-13333)	18 Jun 202612:52	–	ibm
IBM Security Bulletins	Security Bulletin: A security vulnerability has been identified in IBM WebSphere Application Server shipped with Asset and Service Management (CVE-2025-13333)	10 Apr 202607:05	–	ibm
IBM Security Bulletins	Security Bulletin: A security vulnerability have been identified in IBM WebSphere Application Server shipped with IBM DevOps Code ClearCase [CVE-2025-13333]	20 Feb 202609:11	–	ibm
IBM Security Bulletins	Security Bulletin: IBM WebSphere Application Server shipped with Jazz for Service Management (JazzSM) could provide weaker than expected security (CVE-2025-13333)	13 Mar 202607:18	–	ibm
IBM Security Bulletins	Security Bulletin: IBM WebSphere Application Server, which is bundled with IBM Enterprise Application Runtimes, is affected by a vulnerability that could provide weaker than expected security (CVE-2025-13333)	18 Feb 202622:07	–	ibm
IBM Security Bulletins	Security Bulletin: IBM WebSphere Application Server, which is bundled with IBM WebSphere Hybrid Edition, is affected by a vulnerability that could provide weaker than expected security (CVE-2025-13333)	18 Feb 202622:05	–	ibm
IBM Security Bulletins	Security Bulletin: IBM WebSphere Application Server could provide weaker than expected security (CVE-2025-13333)	9 Mar 202615:13	–	ibm

NVD

Vulners

Node

ibm websphere_application_serverMatch8.5.0.0-

ibm websphere_application_serverMatch9.0.0.0-

[
  {
    "cpes": [
      "cpe:2.3:a:ibm:websphere_application_server:9.0:*:*:*:*:*:*:*",
      "cpe:2.3:a:ibm:websphere_application_server:9.0.0:*:*:*:*:*:*:*",
      "cpe:2.3:a:ibm:websphere_application_server:8.5:*:*:*:*:*:*:*",
      "cpe:2.3:a:ibm:websphere_application_server:8.5.0:*:*:*:*:*:*:*"
    ],
    "product": "WebSphere Application Server",
    "vendor": "IBM",
    "versions": [
      {
        "lessThanOrEqual": "9.0.5.27",
        "status": "affected",
        "version": "9.0",
        "versionType": "semver"
      },
      {
        "lessThanOrEqual": "8.5.5.29",
        "status": "affected",
        "version": "8.5",
        "versionType": "semver"
      }
    ]
  }
]

Source	Link
ibm	www.ibm.com/support/pages/node/7260217

17 Jun 2026 08:33Current

5.3Medium risk

Vulners AI Score5.3

CVSS 3.14.4 - 4.9

EPSS0.0031

SSVC

CWE-358