CVE-2025-14915
Privilege Escalation in IBM WebSphere Liberty
Publication date: 2026-03-25
Last updated on: 2026-03-30
Assigner: IBM Corporation
Description
Description
CVSS Scores
EPSS Scores
| Probability: | |
| Percentile: |
Meta Information
Affected Vendors & Products
| Vendor | Product | Version / Range |
|---|---|---|
| ibm | websphere_application_server | From 17.0.0.3 (inc) to 26.0.0.4 (exc) |
Helpful Resources
Exploitability
| CWE ID | Description |
|---|---|
| CWE-200 | The product exposes sensitive information to an actor that is not explicitly authorized to have access to that information. |
Attack-Flow Graph
AI Powered Q&A
Can you explain this vulnerability to me?
CVE-2025-14915 is a privilege escalation vulnerability in IBM WebSphere Application Server Liberty versions 17.0.0.3 through 26.0.0.3. It occurs when the restConnector-1.0 or restConnector-2.0 features are enabled, allowing a privileged user to gain unauthorized additional access to the application server.
This vulnerability is classified under CWE-200, which involves exposure of sensitive information to an unauthorized actor. The CVSS v3.1 base score is 6.5, indicating a medium severity with a network attack vector, low attack complexity, and requiring high privileges but no user interaction. The impact affects confidentiality and integrity but not availability.
How can this vulnerability impact me? :
This vulnerability allows a privileged user to escalate their privileges and gain additional unauthorized access to the IBM WebSphere Application Server Liberty. This can lead to exposure of sensitive information and unauthorized modification of data or configurations within the application server.
Because the vulnerability impacts confidentiality and integrity, it can compromise the security of applications and data hosted on the server, potentially leading to data breaches or unauthorized changes.
How can this vulnerability be detected on my network or system? Can you suggest some commands?
This vulnerability occurs when the restConnector-1.0 or restConnector-2.0 features are enabled in IBM WebSphere Application Server Liberty. To detect the vulnerability on your system, you should verify if either of these features is enabled.
IBM provides guidance on determining feature usage in Liberty, which can help identify if restConnector is active. Checking the enabled features in your Liberty server configuration is the primary method to detect potential exposure.
Specific commands are not provided in the available resources, but typically, you can check the server configuration files (such as server.xml) or use Liberty administrative commands to list enabled features.
What immediate steps should I take to mitigate this vulnerability?
IBM recommends remediation by applying an interim fix or fix pack containing APAR PH70327.
Users should first upgrade to the minimal required fix pack level and then apply the interim fix, or alternatively apply Liberty Fix Pack 26.0.0.4 or later, which is targeted for availability in the second quarter of 2026.
Currently, no workarounds or mitigations are available other than applying the recommended fixes.
How does this vulnerability affect compliance with common standards and regulations (like GDPR, HIPAA)?:
The vulnerability in IBM WebSphere Application Server Liberty (CVE-2025-14915) involves privilege escalation that allows a privileged user to gain unauthorized additional access to the application server. This can lead to exposure of sensitive information and compromise of data confidentiality and integrity.
Such unauthorized access and potential exposure of sensitive information could negatively impact compliance with common standards and regulations like GDPR and HIPAA, which require strict controls on access to personal and sensitive data to protect confidentiality and integrity.
However, the provided information does not explicitly mention the direct impact on compliance frameworks or specific regulatory requirements.