9.1
CVE-2026-8856
- EPSS 0.2%
- Veröffentlicht 26.05.2026 16:56:58
- Zuletzt bearbeitet 26.05.2026 20:22:17
- Quelle psirt@us.ibm.com
- CVE-Watchlists
- Unerledigt
IBM HTTP Server is affected by multiple vulnerabilities
IBM HTTP Server 8.5, and 9.0 is vulnerable to denial of service in configurations where an attacker has write access to parts of the server configuration.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
Ibm ≫ HTTP Server Version >= 8.5.0.0 < 8.5.5.30
Ibm ≫ HTTP Server Version >= 9.0.0.0 < 9.0.5.29
VulnDex Vulnerability Enrichment
| Typ | Quelle | Score | Percentile |
|---|---|---|---|
| EPSS | FIRST.org | 0.2% | 0.095 |
| Quelle | Base Score | Exploit Score | Impact Score | Vector String |
|---|---|---|---|---|
| nvd@nist.gov | 9.1 | 3.9 | 5.2 |
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:H
|
| psirt@us.ibm.com | 7.7 | 2.5 | 5.2 |
CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:H
|
CWE-400 Uncontrolled Resource Consumption
The product does not properly control the allocation and maintenance of a limited resource.
https://www.ibm.com/support/pages/node/7274065