Security Bulletin: A vulnerability has been identified in IBM WebSphere Application Server shipped with IBM Buinses Automation Workflow (CVE-2025-33142)

Summary WebSphere Application Server traditional is shipped as a component of IBM Business Automation Workflow. Information about a security vulnerability affecting IBM WebSphere Application Server Traditional have been published in a security bulletin. Vulnerability Details Refer to the security...

Security Bulletin: IBM WebSphere Application Server shipped with Jazz for Service Management (JazzSM) could provide weaker than expected security

Summary IBM WebSphere Application Server shipped with Jazz for Service Management JazzSM could provide weaker than expected security CVE-2025-33142 Vulnerability Details Refer to the security bulletins listed in the Remediation/Fixes section Affected Products and Versions Affected Products|...

Security Bulletin: Multiple security vulnerabilities have been identified in IBM WebSphere Application Server shipped with IBM DevOps Code ClearCase (CVE-2025-36097, CVE-2024-56339)

Summary IBM WebSphere Application Server WAS is shipped as a component of IBM DevOps Code ClearCase. Information about security vulnerabilities affecting WAS have been published in security bulletins. Vulnerability Details Refer to the security bulletins listed in the Remediation/Fixes section...

Security Bulletin: Multiple security vulnerabilities have been identified in IBM WebSphere Application Server shipped with IBM DevOps Code ClearCase (CVE-2025-27907,CVE-2025-33104, CVE-2025-36038)

Summary IBM WebSphere Application Server WAS is shipped as a component of IBM DevOps Code ClearCase. Information about security vulnerabilities affecting WAS have been published in security bulletins. Vulnerability Details Refer to the security bulletins listed in the Remediation/Fixes section...

Security Bulletin: Multiple vulnerabilities in IBM WebSphere Application Server, which impacts IBM Tivoli Netcool Configuration Manager

Summary IBM WebSphere Application Server is a required product for IBM Tivoli Netcool Configuration Manager version 6.4.2. Multiple vulnerabilities were addressed in IBM WebSphere Application Server CVE-2024-56339, CVE-2025-36097, CVE-2024-43204, CVE-2024-43394, CVE-2024-42516. Vulnerability...

CVE-2025-33142

IBM WebSphere Application Server 8.5 and 9.0 could provide weaker than expected security for TLS connections...

CVE-2025-36047

IBM WebSphere Application Server Liberty 18.0.0.2 through 25.0.0.8 is vulnerable to a denial of service, caused by sending a specially-crafted request. A remote attacker could exploit this vulnerability to cause the server to consume memory resources...

Security Bulletin: Vulnerability has been identified in WebSphere Application Server shipped with WebSphere Service Registry and Repository (CVE-2025-48976)

Summary WebSphere Application Server is shipped as a component of WebSphere Service Registry and Repository. Information about a denial of service attack due to an Apache Commons FileUpload vulnerability affecting WebSphere Application Server has been published in a security bulletin. Vulnerabili...

Security Bulletin: Vulnerability has been identified in WebSphere Application Server shipped with WebSphere Service Registry and Repository (CVE-2025-33142)

Summary WebSphere Application Server is shipped as a component of WebSphere Service Registry and Repository. Information about a weaker than expected security vulnerability affecting WebSphere Application Server has been published in a security bulletin. Vulnerability Details Refer to the securit...

IBM WebSphere Application Server Liberty Resource Management Error Vulnerability

IBM WebSphere Application Server Liberty is a lightweight Java application server from IBM for rapid development and deployment of cloud-native applications. A denial of service vulnerability exists in IBM WebSphere Application Server Liberty versions 18.0.0.2 through 25.0.0.8, which stems from t...

CVE-2025-36000

IBM WebSphere Application Server Liberty 17.0.0.3 through 25.0.0.8 is vulnerable to stored cross-site scripting. This vulnerability allows a privileged user to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure with...

CVE-2025-36124

IBM WebSphere Application Server Liberty 17.0.0.3 through 25.0.0.8 could allow a remote attacker to bypass security restrictions caused by a failure to honor JMS messaging configuration...

Security Bulletin: IBM WebSphere Application Server could provide weaker than expected security (CVE-2025-33142)

Summary IBM WebSphere Application Server could provide weaker than expected security for TLS connections. Vulnerability Details CVEID:CVE-2025-33142 DESCRIPTION: IBM WebSphere Application Server could provide weaker than expected security for TLS connections. CWE:CWE-295: Improper Certificate...

CVE-2025-36047

IBM WebSphere Application Server Liberty 18.0.0.2 through 25.0.0.8 is vulnerable to a denial of service, caused by sending a specially-crafted request. A remote attacker could exploit this vulnerability to cause the server to consume memory resources...

CVE-2025-36047

IBM WebSphere Application Server Liberty 18.0.0.2 through 25.0.0.8 is vulnerable to a denial of service, caused by sending a specially-crafted request. A remote attacker could exploit this vulnerability to cause the server to consume memory resources...

CVE-2025-33142

IBM WebSphere Application Server 8.5 and 9.0 could provide weaker than expected security for TLS connections...

CVE-2025-33142

IBM WebSphere Application Server 8.5 and 9.0 could provide weaker than expected security for TLS connections...

CVE-2025-33142

IBM WebSphere Application Server 8.5 and 9.0 could provide weaker than expected security for TLS connections (CVE-2025-33142). The issue is described as improper certificate validation (CWE-295). IBM has issued multiple security bulletins across products that bundle or include WAS (e.g., IBM Engi...

CVE-2025-33142 IBM WebSphere Application Server information disclosure

IBM WebSphere Application Server 8.5 and 9.0 could provide weaker than expected security for TLS connections...

CVE-2025-33142 IBM WebSphere Application Server information disclosure

IBM WebSphere Application Server 8.5 and 9.0 could provide weaker than expected security for TLS connections...