IBM WebSphere Products Multiple Vulnerabilities
Release Date: 2 Jul 2026
RISK: Medium Risk
TYPE: Servers - Internet App Servers
Multiple vulnerabilities were identified in IBM WebSphere Products. A remote attacker could exploit some of these vulnerabilities to trigger cross-site scripting, denial of service condition, security restriction bypass and sensitive information disclosure on the targeted system.
Impact
- Denial of Service
- Cross-Site Scripting
- Information Disclosure
- Security Restriction Bypass
System / Technologies affected
- IBM WebSphere Application Server - 8.5
- IBM WebSphere Application Server - 9.0
- IBM WebSphere Application Server - Liberty - 17.0.0.3 - 26.0.0.7
Solutions
Before installation of the software, please visit the vendor web-site for more details.
Apply fixes issued by the vendor:
- https://www.ibm.com/support/pages/node/7276600
- https://www.ibm.com/support/pages/node/7278572
- https://www.ibm.com/support/pages/node/7278576
- https://www.ibm.com/support/pages/node/7278580
- https://www.ibm.com/support/pages/node/7278590
Vulnerability Identifier
- CVE-2026-9006
- CVE-2026-9171
- CVE-2026-9322
- CVE-2026-11546
- CVE-2026-11595
- CVE-2026-11708
- CVE-2026-11712
- CVE-2026-11714
- CVE-2026-50645
沒有留言:
發佈留言