Metrics
Affected Vendors & Products
Solution
IBM strongly recommends addressing the vulnerability now by applying a currently available interim fix or fix pack that contains the fix for APAR PH66167. For IBM WebSphere Application Server traditional: For V9.0.0.0 through 9.0.5.24: · Upgrade to minimal fix pack levels as required by the interim fix and then apply the Interim Fix that resolves PH66167 --OR-- · Apply Fix Pack 9.0.5.25 or later (targeted availability 3Q2025). For V8.5.0.0 through 8.5.5.28: · Upgrade to minimal fix pack levels as required by the interim fix and then apply the Interim Fix that resolves PH66167 --OR-- · Apply Fix Pack 8.5.5.29 or later (targeted availability 1Q2026). Additional interim fixes may be available and linked off the interim fix download page.
Workaround
No workaround given by the vendor.
Link | Providers |
---|---|
https://www.ibm.com/support/pages/node/7242172 |
![]() ![]() |
Mon, 18 Aug 2025 18:15:00 +0000
Type | Values Removed | Values Added |
---|---|---|
First Time appeared |
Hp
Hp hp-ux Ibm aix Ibm i Ibm z\/os Linux Linux linux Kernel Microsoft Microsoft windows Oracle Oracle solaris |
|
CPEs | cpe:2.3:a:ibm:websphere_application_server:*:*:*:*:-:*:*:* cpe:2.3:o:hp:hp-ux:-:*:*:*:*:*:*:* cpe:2.3:o:ibm:aix:-:*:*:*:*:*:*:* cpe:2.3:o:ibm:i:-:*:*:*:*:*:*:* cpe:2.3:o:ibm:z\/os:-:*:*:*:*:*:*:* cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:* cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:* cpe:2.3:o:oracle:solaris:-:*:*:*:*:*:*:* |
|
Vendors & Products |
Hp
Hp hp-ux Ibm aix Ibm i Ibm z\/os Linux Linux linux Kernel Microsoft Microsoft windows Oracle Oracle solaris |
Thu, 14 Aug 2025 20:15:00 +0000
Type | Values Removed | Values Added |
---|---|---|
Metrics |
ssvc
|
Thu, 14 Aug 2025 16:00:00 +0000
Type | Values Removed | Values Added |
---|---|---|
Description | IBM WebSphere Application Server 8.5 and 9.0 could provide weaker than expected security for TLS connections. | |
Title | IBM WebSphere Application Server information disclosure | |
First Time appeared |
Ibm
Ibm websphere Application Server |
|
Weaknesses | CWE-295 | |
CPEs | cpe:2.3:a:ibm:websphere_application_server:8.5:*:*:*:*:*:*:* cpe:2.3:a:ibm:websphere_application_server:9.0:*:*:*:*:*:*:* |
|
Vendors & Products |
Ibm
Ibm websphere Application Server |
|
References |
| |
Metrics |
cvssV3_1
|

Status: PUBLISHED
Assigner: ibm
Published:
Updated: 2025-08-14T19:55:56.651Z
Reserved: 2025-04-15T17:51:21.700Z
Link: CVE-2025-33142

Updated: 2025-08-14T18:43:51.993Z

Status : Analyzed
Published: 2025-08-14T16:15:31.863
Modified: 2025-08-18T18:05:01.200
Link: CVE-2025-33142

No data.

No data.