Metrics
Affected Vendors & Products
Solution
For IBM WebSphere Application Server traditional: For V9.0.0.0 through 9.0.5.24: · Upgrade to minimal fix pack levels as required by the interim fix and then apply the Interim Fix that resolves PH66674 --OR-- · Apply Fix Pack 9.0.5.25 or later (targeted availability 3Q2025). For V8.5.0.0 through 8.5.5.27: · Upgrade to minimal fix pack levels as required by the interim fix and then apply the Interim Fix that resolves PH66674 --OR-- · Apply Fix Pack 8.5.5.28 or later (targeted availability 3Q2025). Additional interim fixes may be available and linked off the interim fix download page.
Workaround
No workaround given by the vendor.
Link | Providers |
---|---|
https://www.ibm.com/support/pages/node/7237967 |
![]() ![]() |
Fri, 18 Jul 2025 18:15:00 +0000
Type | Values Removed | Values Added |
---|---|---|
First Time appeared |
Hp
Hp hp-ux Ibm aix Ibm i Ibm z\/os Linux Linux linux Kernel Microsoft Microsoft windows Oracle Oracle solaris |
|
CPEs | cpe:2.3:a:ibm:websphere_application_server:*:*:*:*:*:*:*:* cpe:2.3:o:hp:hp-ux:-:*:*:*:*:*:*:* cpe:2.3:o:ibm:aix:-:*:*:*:*:*:*:* cpe:2.3:o:ibm:i:-:*:*:*:*:*:*:* cpe:2.3:o:ibm:z\/os:-:*:*:*:*:*:*:* cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:* cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:* cpe:2.3:o:oracle:solaris:-:*:*:*:*:*:*:* |
|
Vendors & Products |
Hp
Hp hp-ux Ibm aix Ibm i Ibm z\/os Linux Linux linux Kernel Microsoft Microsoft windows Oracle Oracle solaris |
Wed, 16 Jul 2025 13:45:00 +0000
Type | Values Removed | Values Added |
---|---|---|
Metrics |
epss
|
epss
|
Thu, 26 Jun 2025 15:15:00 +0000
Type | Values Removed | Values Added |
---|---|---|
Metrics |
ssvc
|
Wed, 25 Jun 2025 20:45:00 +0000
Type | Values Removed | Values Added |
---|---|---|
Description | IBM WebSphere Application Server 8.5 and 9.0 could allow a remote attacker to execute arbitrary code on the system with a specially crafted sequence of serialized objects. | |
Title | IBM WebSphere Application Server code execution | |
First Time appeared |
Ibm
Ibm websphere Application Server |
|
Weaknesses | CWE-502 | |
CPEs | cpe:2.3:a:ibm:websphere_application_server:8.5:*:*:*:*:*:*:* cpe:2.3:a:ibm:websphere_application_server:9.0:*:*:*:*:*:*:* |
|
Vendors & Products |
Ibm
Ibm websphere Application Server |
|
References |
| |
Metrics |
cvssV3_1
|

Status: PUBLISHED
Assigner: ibm
Published:
Updated: 2025-08-26T14:51:51.996Z
Reserved: 2025-04-15T21:16:09.685Z
Link: CVE-2025-36038

Updated: 2025-06-26T14:19:43.241Z

Status : Analyzed
Published: 2025-06-25T21:15:20.447
Modified: 2025-07-18T18:11:33.440
Link: CVE-2025-36038

No data.

No data.