Sign In

CVE-2025-36047

📊 5.3 MEDIUM0.1%🎯 0 exploits
📅 Published Aug 14, 2025
📋 Status: Analyzed

IBM WebSphere Application Server Liberty 18.0.0.2 through 25.0.0.8 is vulnerable to a denial of service, caused by sending a specially-crafted request. A remote attacker could exploit this vulnerability to cause the server to consume memory resources.

🎯 Affected Products & Systems

7 product configurations affected

Filter by type:
📱
Vulnerable
Version: ≥ 18.0.0.2 ∧ < 25.0.0.9
CPE:
cpe:2.3:a:ibm:websphere_application_server:*:*:*:*:liberty:*:*:*
💻
apple / macos
Operating System
Safe
Version: All versions
CPE:
cpe:2.3:o:apple:macos:-:*:*:*:*:*:*:*
💻
ibm / aix
Operating System
Safe
Version: All versions
CPE:
cpe:2.3:o:ibm:aix:-:*:*:*:*:*:*:*
💻
ibm / i
Operating System
Safe
Version: All versions
CPE:
cpe:2.3:o:ibm:i:-:*:*:*:*:*:*:*
💻
ibm / z\/os
Operating System
Safe
Version: All versions
CPE:
cpe:2.3:o:ibm:z\/os:-:*:*:*:*:*:*:*
💻
linux / linux kernel
Operating System
Safe
Version: All versions
CPE:
cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*
💻
microsoft / windows
Operating System
Safe
Version: All versions
CPE:
cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*
7 productsscroll for more
Metrics
5.3 MEDIUMCVSS v3.1[email protected]
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L
Attack Vector:
NETWORK
Complexity:
LOW
Privileges:
NONE
User Interaction:
NONE
Confidentiality:
NONE
Integrity:
NONE
Availability:
LOW
Scope:
UNCHANGED

🔍 Technical Details

Analysis Status
Analyzed
CVSS Details
5.3 (MEDIUM)v3.1
Source: [email protected]
EPSS Details
0.1% (Minimal)33.2th percentile
Last updated: Oct 30, 2025
Exploitation probability within 30 days
Published Date
Aug 14, 2025 (2 months ago)
Last Modified
Aug 18, 2025 (2 months ago)
Security Weaknesses1
References2