9.1
CVE-2026-8644
- EPSS 0.33%
- Veröffentlicht 01.06.2026 17:46:04
- Zuletzt bearbeitet 04.06.2026 16:58:19
- Quelle psirt@us.ibm.com
- CVE-Watchlists
- Unerledigt
IBM WebSphere Application Server is affected by an identity spoofing vulnerability
IBM WebSphere Application Server 9.0, and 8.5 is vulnerable to identity spoofing.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
Ibm ≫ Websphere Application Server SwEditiontraditional Version >= 8.5.0.0 < 8.5.5.30
Ibm ≫ Websphere Application Server SwEditiontraditional Version >= 9.0.0.0 < 9.0.5.29
VulnDex Vulnerability Enrichment
| Typ | Quelle | Score | Percentile |
|---|---|---|---|
| EPSS | FIRST.org | 0.33% | 0.249 |
| Quelle | Base Score | Exploit Score | Impact Score | Vector String |
|---|---|---|---|---|
| psirt@us.ibm.com | 9.1 | 3.9 | 5.2 |
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:H
|
CWE-290 Authentication Bypass by Spoofing
This attack-focused weakness is caused by incorrectly implemented authentication schemes that are subject to spoofing attacks.
Für Zugriff zu Vulnerability Intelligence ist ein VulnDex Zugang erforderlich.
https://www.ibm.com/support/pages/node/7274740