EUVD-2024-22388

🗓️ 03 Oct 2025 20:07:09Reported by EUVDType

IBM WebSphere Application Server 8.5, 9.0 and Liberty 17.0.0.3 to 24.0.0.4 are vulnerable to denial of service.

Reporter	Title	Published	Views	Family All 84
IBM Security Bulletins	Security Bulletin: Multiple security vulnerabilities have been identified in IBM WebSphere Application Server shipped with IBM DevOps Code ClearCase (CVE-2024-25026, CVE-2023-50313, CVE-2024-22329)	25 Jun 202411:50	–	ibm
IBM Security Bulletins	Security Bulletin: IBM Tivoli Composite Application Manager for Application Diagnostics installed IBM WebSphere Application Server is vulnerable to a denial of service (CVE-2024-25026).	26 Apr 202407:57	–	ibm
IBM Security Bulletins	Security Bulletin: Security vulnerabilities may affect IBM WebSphere Liberty shipped with IBM CICS TX Standard	24 Jun 202414:15	–	ibm
IBM Security Bulletins	Security Bulletin: Security vulnerabilities have been identified in IBM WebSphere Application Server shipped with IBM Business Monitor	20 Nov 202414:59	–	ibm
IBM Security Bulletins	Security Bulletin: IBM Cognos Controller is affected by vulnerabilities	15 Apr 202503:15	–	ibm
IBM Security Bulletins	Security Bulletin: Security Vulnerabilities in Liberty affect IBM Voice Gateway	17 May 202413:55	–	ibm
IBM Security Bulletins	Security Bulletin: Multiple vulnerabilities in IBM WebSphere Application Server Liberty, OpenSSL, libcurl, and Apache Xerces C++ XML parser may affect IBM Storage Protect for Virtual Environments: Data Protection for VMware	15 Apr 202502:41	–	ibm
IBM Security Bulletins	Security Bulletin: Multiple vulnerabilities in IBM WebSphere Liberty Profile affects IBM Robotic Process Automation and may result in a denial of service ( CVE-2024-25026, CVE-2024-27268)	12 Aug 202419:34	–	ibm
IBM Security Bulletins	Security Bulletin: IBM Tivoli Netcool Impact is vulnerable to denial of service due to IBM WebSphere Application Server Liberty (CVE-2024-25026)	1 Jul 202417:20	–	ibm
IBM Security Bulletins	Security Bulletin: IBM SPSS Collaboration and Deployment Services is vulnerable to a denial of service attack originating in IBM WebSphere Application Server Liberty (CVE-2024-25026)	28 Jan 202522:08	–	ibm

[
  {
    "enisaIdVendor": [
      {
        "id": "e1d6bc69-ebe4-3d69-9306-3ceda2ecf3c4",
        "vendor": {
          "name": "IBM"
        }
      }
    ],
    "enisaIdProduct": [
      {
        "id": "7daafa56-d592-3608-8556-6f9f9093eb88",
        "product": {
          "name": "WebSphere Application Server Liberty"
        }
      },
      {
        "id": "80cc9a75-49b4-32fc-9ca6-902e00c9ba84",
        "product": {
          "name": "WebSphere Application Server"
        }
      },
      {
        "id": "ca56f4c8-ecc5-320a-b6b6-56f9a911b702",
        "product": {
          "name": "WebSphere Application Server Liberty"
        },
        "product_version": "17.0.0.3 ≤24.0.0.4"
      },
      {
        "id": "f28bafed-a54d-3a7f-974f-8f7af0a1ea61",
        "product": {
          "name": "WebSphere Application Server"
        },
        "product_version": "8.5, 9.0"
      }
    ]
  }
]

Source	Link
ibm	www.ibm.com/support/pages/node/7149330
exchange	www.exchange.xforce.ibmcloud.com/vulnerabilities/281516

03 Oct 2025 20:07Current

6.3Medium risk

Vulners AI Score6.3

CVSS 3.15.9 - 7.5

EPSS0.00021

SSVC