CVE-2025-14923

IBM WebSphere Application Server - Liberty 17.0.0.3 through 26.0.0.2 IBM WebSphere Application Server Liberty could provide weaker than expected security when using the Security Utility when administering security settings.

CVSS v3 4.7 MEDIUM

4.7^/10

CVSS v3 : MEDIUM

V3 Legend

Vector :

Exploitability : 1.0 / Impact : 3.6

Attack Vector LOCAL

Attack Complexity HIGH

Privileges Required LOW

User Interaction NONE

Confidentiality Impact HIGH

Integrity Impact NONE

Availability Impact NONE

Scope UNCHANGED

References

Link	Resource
https://www.ibm.com/support/pages/node/7261761	Vendor Advisory

Configurations

Configuration 1 (hide)

cpe:2.3:a:ibm:websphere_application_server:*:*:*:*:liberty:*:*:*

History

04 Mar 2026, 18:23

Type	Values Removed	Values Added
CPE		cpe:2.3:a:ibm:websphere_application_server:::::liberty:::*
First Time		Ibm Ibm websphere Application Server
References	~~() https://www.ibm.com/support/pages/node/7261761 -~~	() https://www.ibm.com/support/pages/node/7261761 - Vendor Advisory
CWE		CWE-798

03 Mar 2026, 20:16

Type	Values Removed	Values Added
New CVE

Information

Published : 2026-03-03 20:16

Updated : 2026-03-04 18:23

NVD link : CVE-2025-14923

Mitre link : CVE-2025-14923

CVE.ORG link : CVE-2025-14923

JSON object : View

Products Affected

ibm

websphere_application_server

CWE

CWE-321

Use of Hard-coded Cryptographic Key

CWE-798

Use of Hard-coded Credentials

4.7 /10