7.5
CVE-2025-33142
- EPSS 0.04%
- Veröffentlicht 14.08.2025 15:41:59
- Zuletzt bearbeitet 18.08.2025 18:05:01
- Quelle psirt@us.ibm.com
- CVE-Watchlists
- Unerledigt
IBM WebSphere Application Server information disclosure
IBM WebSphere Application Server 8.5 and 9.0 could provide weaker than expected security for TLS connections.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
Ibm ≫ Websphere Application Server SwEdition- Version >= 8.5.0.0 < 8.5.5.29
VulnDex Vulnerability Enrichment
Diese Information steht angemeldeten Benutzern zur Verfügung. 
Login
Login| Typ | Quelle | Score | Percentile |
|---|---|---|---|
| EPSS | FIRST.org | 0.04% | 0.13 |
| Quelle | Base Score | Exploit Score | Impact Score | Vector String |
|---|---|---|---|---|
| nvd@nist.gov | 7.5 | 3.9 | 3.6 |
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
|
| psirt@us.ibm.com | 5.3 | 1.6 | 3.6 |
CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:N/A:N
|
CWE-295 Improper Certificate Validation
The product does not validate, or incorrectly validates, a certificate.