Monitor vulnerabilities like this one.
Sign up free to get alerted when software you use is affected.
4.9
IBM WebSphere Application Server: Insecure Security Settings Configuration
CVE-2025-13333
Summary
Some IBM WebSphere Application Server versions may not properly secure security settings, potentially allowing unauthorized system administration. This could lead to security weaknesses and unauthorized access to sensitive data. To address this, ensure that security settings are properly configured and updated.
What to do
No fix is available yet. Check with your software vendor for updates.
Affected software
| Vendor | Product | Affected versions | Fix available |
|---|---|---|---|
| ibm | websphere_application_server | 8.5.0.0 | – |
| ibm | websphere_application_server | 9.0.0.0 | – |
Original title
IBM WebSphere Application Server 9.0, and 8.5 could provide weaker than expected security during system administration of security settings.
Original description
IBM WebSphere Application Server 9.0, and 8.5 could provide weaker than expected security during system administration of security settings.
nvd CVSS3.1
4.9
Vulnerability type
CWE-358
- https://www.ibm.com/support/pages/node/7260217 Vendor Advisory
Published: 17 Feb 2026 · Updated: 11 Mar 2026 · First seen: 6 Mar 2026