Executive Summary

CVE-2025-14915 is a privilege escalation vulnerability in IBM WebSphere Application Server Liberty versions 17.0.0.3 through 26.0.0.3. It occurs when the restConnector-1.0 or restConnector-2.0 features are enabled, allowing a privileged user to gain unauthorized additional access to the application server.

This vulnerability is classified under CWE-200, which involves exposure of sensitive information to an unauthorized actor. The CVSS v3.1 base score is 6.5, indicating a medium severity with a network attack vector, low attack complexity, and requiring high privileges but no user interaction. The impact affects confidentiality and integrity but not availability.

Useful 0 Not Useful 0

Impact Analysis

This vulnerability allows a privileged user to escalate their privileges and gain additional unauthorized access to the IBM WebSphere Application Server Liberty. This can lead to exposure of sensitive information and unauthorized modification of data or configurations within the application server.

Because the vulnerability impacts confidentiality and integrity, it can compromise the security of applications and data hosted on the server, potentially leading to data breaches or unauthorized changes.

Useful 0 Not Useful 0

Detection Guidance

This vulnerability occurs when the restConnector-1.0 or restConnector-2.0 features are enabled in IBM WebSphere Application Server Liberty. To detect the vulnerability on your system, you should verify if either of these features is enabled.

IBM provides guidance on determining feature usage in Liberty, which can help identify if restConnector is active. Checking the enabled features in your Liberty server configuration is the primary method to detect potential exposure.

Specific commands are not provided in the available resources, but typically, you can check the server configuration files (such as server.xml) or use Liberty administrative commands to list enabled features.

Useful 0 Not Useful 0

Mitigation Strategies

IBM recommends remediation by applying an interim fix or fix pack containing APAR PH70327.

Users should first upgrade to the minimal required fix pack level and then apply the interim fix, or alternatively apply Liberty Fix Pack 26.0.0.4 or later, which is targeted for availability in the second quarter of 2026.

Currently, no workarounds or mitigations are available other than applying the recommended fixes.

Useful 0 Not Useful 0

Compliance Impact

The vulnerability in IBM WebSphere Application Server Liberty (CVE-2025-14915) involves privilege escalation that allows a privileged user to gain unauthorized additional access to the application server. This can lead to exposure of sensitive information and compromise of data confidentiality and integrity.

Such unauthorized access and potential exposure of sensitive information could negatively impact compliance with common standards and regulations like GDPR and HIPAA, which require strict controls on access to personal and sensitive data to protect confidentiality and integrity.

However, the provided information does not explicitly mention the direct impact on compliance frameworks or specific regulatory requirements.

Useful 0 Not Useful 0