CNNVD-202509-4379 Information

Sep 29, 2025 cve

CNNVD ID

CNNVD-202509-4379

CVE-2025-36099

  • CNNVD Published: 2025-09-29

Description (Chinese)

IBM WebSphere Application Server(WAS)是美国国际商业机器(IBM)公司的一款应用服务器产品。该产品是JavaEE和Web服务应用程序的平台,也是IBMWebSphere软件平台的基础。 IBM WebSphere Application Server 8.5版本和9.0版本存在安全漏洞,该漏洞源于特制请求可能导致服务器消耗内存资源,从而引发拒绝服务攻击。

Description (English)

IBM WebSphere Application Server (WAS) is an application server product of IBM. The product is the platform for JavaEE and Web service applications and the basis for the IBMWebSphere software platform. IBM WebSphere Application Server 8.5 and 9.0 had a security loophole, which arose out of ad hoc requests that could result in server depleting memory resources, thereby triggering service denial attacks.

Hazard Level

High

Vulnerability Type

其他

Affected Vendor

国际商业机器

Published

2025-09-29

Last Modified

2026-02-24

References

https://www.ibm.com/support/pages/node/7246549

Patch

https://www.ibm.com/support/pages/node/7246549

Share on: