CVE-2025-36097
BaseFortify
Publication date: 2025-07-16
Last updated on: 2025-08-11
Assigner: IBM Corporation
Meta Information
Affected Vendors & Products
| Vendor | Product | Version / Range |
|---|---|---|
| ibm | websphere_application_server | From 9.0.0.0 (inclusive) to 9.0.5.24 (exclusive) |
| ibm | websphere_application_server | From 17.0.0.3 (inclusive) to 25.0.0.8 (exclusive) |
Exploitability
| CWE ID | Description |
|---|---|
| CWE-121 | A stack-based buffer overflow condition is a condition where the buffer being overwritten is allocated on the stack (i.e., is a local variable or, rarely, a parameter to a function). |
AI Powered Q&A
Can you explain this vulnerability to me?
This vulnerability affects IBM WebSphere Application Server versions 9.0 and WebSphere Application Server Liberty versions 17.0.0.3 through 25.0.0.7. It is a denial of service vulnerability caused by a stack-based overflow. An attacker can exploit this by sending a specially crafted request that causes the server to consume excessive memory resources, potentially leading to a crash or unavailability.
How can this vulnerability impact me?
The impact of this vulnerability is a denial of service condition. An attacker can cause the affected server to consume excessive memory, which may result in the server crashing or becoming unresponsive, disrupting normal operations and availability of services.