CNNVD-202508-1669 Information

CNNVD ID

CNNVD-202508-1669

Related CVE

CVE-2025-33142

• CNNVD Published: 2025-08-14

Description (Chinese)

IBM WebSphere Application Server（WAS）是美国国际商业机器（IBM）公司的一款应用服务器产品。该产品是JavaEE和Web服务应用程序的平台，也是IBMWebSphere软件平台的基础。 IBM WebSphere Application Server 8.5和9.0版本存在信任管理问题漏洞，该漏洞源于TLS连接安全性低于预期。

Description (English)

IBM WebSphere Application Server (WAS) is an application server product of IBM. The product is the platform for JavaEE and Web service applications and the basis for the IBMWebSphere software platform. Versions 8.5 and 9.0 of IBM WebSphere Application Server had a confidence management gap, which stemmed from the lower than expected security of the TLS connection.

Hazard Level

High

Vulnerability Type

信任管理问题

Affected Vendor

国际商业机器

Published

2025-08-14

Last Modified

2026-02-24

References

https://www.ibm.com/support/pages/node/7242172 https://vigilance.fr/vulnerability/IBM-WebSphere-Application-Server-Man-in-the-Middle-dated-15-08-2025-48002 https://nvd.nist.gov/vuln/detail/CVE-2025-33142

Patch

https://www.ibm.com/support/pages/node/7242172