HIGHCVE-2026-3621Published Modified CNA ibm
CVE-2026-3621: IBM WebSphere Application Server Liberty is affected by identity spoofing
IBM WebSphere Application Server - Liberty 17.0.0.3 through 26.0.0.4 IBM WebSphere Application Server Liberty is vulnerable to identity spoofing under limited conditions when an application is deployed without authentication and authorization configured.
Metrics
- CVSS v3.1
- 7.5
- Severity
- HIGH
- Fixed in
- —
- Affected Products
- 1
Affected packages
- IBM / WebSphere Application Server - Liberty≤ 26.0.0.4
CVSS Vector
CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:HReferences