DNA View

CVE-2025-33142

Medium

Low Medium High Critical

5.3

CVSS Score

Published: Aug 14, 2025

Last Modified: Aug 18, 2025

CWE: CWE-295

Vulnerability Description

IBM WebSphere Application Server 8.5 and 9.0 could provide weaker than expected security for TLS connections.

CVSS Metrics

Common Vulnerability Scoring System

Vector String:

CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:N/A:N

Attack Vector

Attack Complexity

Privileges Required

User Interaction

Scope

Confidentiality

Integrity

Availability

Known Affected Software

54 configuration(s) from 1 vendor(s)

websphere_application_server

Version:

9.0.0.0

CPE:

cpe:2.3:a:ibm:websphere_application_server:9.0.0.0:*:*:*:traditional:*:*:*

websphere_application_server

Version:

9.0.5.15

CPE:

cpe:2.3:a:ibm:websphere_application_server:9.0.5.15:*:*:*:-:*:*:*

websphere_application_server

Version:

8.5

CPE:

cpe:2.3:a:ibm:websphere_application_server:8.5:*:*:*:traditional:*:*:*

websphere_application_server

Version:

8.5.5.0

CPE:

cpe:2.3:a:ibm:websphere_application_server:8.5.5.0:-:liberty_profile:*:*:*:*:*

websphere_application_server

Version:

8.5.5.4

CPE:

cpe:2.3:a:ibm:websphere_application_server:8.5.5.4:-:*:*:liberty:*:*:*

websphere_application_server

Version:

8.5.5.15

CPE:

cpe:2.3:a:ibm:websphere_application_server:8.5.5.15:*:*:*:*:*:*:*

websphere_application_server

Version:

8.5.0.1

CPE:

cpe:2.3:a:ibm:websphere_application_server:8.5.0.1:-:liberty_profile:*:*:*:*:*

websphere_application_server

Version:

8.5.5.1

CPE:

cpe:2.3:a:ibm:websphere_application_server:8.5.5.1:-:liberty_profile:*:*:*:*:*

websphere_application_server

Version:

9.0.0.4

CPE:

cpe:2.3:a:ibm:websphere_application_server:9.0.0.4:*:*:*:*:*:*:*

websphere_application_server

Version:

9.0.0.5

CPE:

cpe:2.3:a:ibm:websphere_application_server:9.0.0.5:*:*:*:*:*:*:*

websphere_application_server

Version:

8.5.5.2

CPE:

cpe:2.3:a:ibm:websphere_application_server:8.5.5.2:-:liberty_profile:*:*:*:*:*

websphere_application_server

Version:

9.0.0.3

CPE:

cpe:2.3:a:ibm:websphere_application_server:9.0.0.3:*:*:*:*:*:*:*

websphere_application_server

Version:

8.5.5.23

CPE:

cpe:2.3:a:ibm:websphere_application_server:8.5.5.23:*:*:*:-:*:*:*

websphere_application_server

Version:

9.0.0.6

CPE:

cpe:2.3:a:ibm:websphere_application_server:9.0.0.6:*:*:*:*:*:*:*

websphere_application_server

Version:

8.5.5.11

CPE:

cpe:2.3:a:ibm:websphere_application_server:8.5.5.11:*:*:*:*:*:*:*

websphere_application_server

Version:

9.0.5.0

CPE:

cpe:2.3:a:ibm:websphere_application_server:9.0.5.0:*:*:*:*:*:*:*

websphere_application_server

Version:

8.5.5.18

CPE:

cpe:2.3:a:ibm:websphere_application_server:8.5.5.18:*:*:*:hypervisor:*:*:*

websphere_application_server

Version:

9.0.5.8

CPE:

cpe:2.3:a:ibm:websphere_application_server:9.0.5.8:*:*:*:*:*:*:*

websphere_application_server

Version:

9.0.0.11

CPE:

cpe:2.3:a:ibm:websphere_application_server:9.0.0.11:*:*:*:*:*:*:*

websphere_application_server

Version:

8.5.5.3

CPE:

cpe:2.3:a:ibm:websphere_application_server:8.5.5.3:*:*:*:*:*:*:*

websphere_application_server

Version:

8.5.5.20

CPE:

cpe:2.3:a:ibm:websphere_application_server:8.5.5.20:*:*:*:*:*:*:*

websphere_application_server

Version:

8.5.5.17

CPE:

cpe:2.3:a:ibm:websphere_application_server:8.5.5.17:*:*:*:*:*:*:*

websphere_application_server

Version:

8.5.5.13

CPE:

cpe:2.3:a:ibm:websphere_application_server:8.5.5.13:*:*:*:*:*:*:*

websphere_application_server

Version:

8.5.5.25

CPE:

cpe:2.3:a:ibm:websphere_application_server:8.5.5.25:*:*:*:traditional:*:*:*

websphere_application_server

Version:

9.0.0.1

CPE:

cpe:2.3:a:ibm:websphere_application_server:9.0.0.1:*:*:*:*:*:*:*

websphere_application_server

Version:

8.5.5.8

CPE:

cpe:2.3:a:ibm:websphere_application_server:8.5.5.8:*:*:*:liberty:*:*:*

websphere_application_server

Version:

9.0.5.5

CPE:

cpe:2.3:a:ibm:websphere_application_server:9.0.5.5:*:*:*:hypervisor:*:*:*

websphere_application_server

Version:

9.0.5.4

CPE:

cpe:2.3:a:ibm:websphere_application_server:9.0.5.4:*:*:*:*:*:*:*

websphere_application_server

Version:

9.0.0.7

CPE:

cpe:2.3:a:ibm:websphere_application_server:9.0.0.7:*:*:*:*:*:*:*

websphere_application_server

Version:

8.5.5.14

CPE:

cpe:2.3:a:ibm:websphere_application_server:8.5.5.14:*:*:*:*:*:*:*

websphere_application_server

Version:

9.0.5.7

CPE:

cpe:2.3:a:ibm:websphere_application_server:9.0.5.7:*:*:*:*:*:*:*

websphere_application_server

Version:

8.5.5.19

CPE:

cpe:2.3:a:ibm:websphere_application_server:8.5.5.19:*:*:*:*:*:*:*

websphere_application_server

Version:

9.0.5.6

CPE:

cpe:2.3:a:ibm:websphere_application_server:9.0.5.6:*:*:*:*:*:*:*

websphere_application_server

Version:

9.0.0.8

CPE:

cpe:2.3:a:ibm:websphere_application_server:9.0.0.8:*:*:*:*:*:*:*

websphere_application_server

Version:

8.5.5.10

CPE:

cpe:2.3:a:ibm:websphere_application_server:8.5.5.10:*:*:*:*:*:*:*

websphere_application_server

Version:

8.5.5.6

CPE:

cpe:2.3:a:ibm:websphere_application_server:8.5.5.6:-:*:*:liberty:*:*:*

websphere_application_server

Version:

9.0

CPE:

cpe:2.3:a:ibm:websphere_application_server:9.0:*:*:*:*:*:*:*

websphere_application_server

Version:

8.5.0.0

CPE:

cpe:2.3:a:ibm:websphere_application_server:8.5.0.0:*:*:*:-:*:*:*

websphere_application_server

Version:

8.5.5.7

CPE:

cpe:2.3:a:ibm:websphere_application_server:8.5.5.7:*:*:*:liberty:*:*:*

websphere_application_server

Version:

9.0.0.10

CPE:

cpe:2.3:a:ibm:websphere_application_server:9.0.0.10:*:*:*:*:*:*:*

websphere_application_server

Version:

8.5.5

CPE:

cpe:2.3:a:ibm:websphere_application_server:8.5.5:*:*:*:*:*:*:*

websphere_application_server

Version:

8.5.5.22

CPE:

cpe:2.3:a:ibm:websphere_application_server:8.5.5.22:*:*:*:-:*:*:*

websphere_application_server

Version:

9.0.5.1

CPE:

cpe:2.3:a:ibm:websphere_application_server:9.0.5.1:*:*:*:-:*:*:*

websphere_application_server

Version:

8.5.5.5

CPE:

cpe:2.3:a:ibm:websphere_application_server:8.5.5.5:-:*:*:liberty:*:*:*

websphere_application_server

Version:

8.5.5.16

CPE:

cpe:2.3:a:ibm:websphere_application_server:8.5.5.16:*:*:*:-:*:*:*

websphere_application_server

Version:

9.0.5.16

CPE:

cpe:2.3:a:ibm:websphere_application_server:9.0.5.16:*:*:*:-:*:*:*

websphere_application_server

Version:

9.0.5.19

CPE:

cpe:2.3:a:ibm:websphere_application_server:9.0.5.19:*:*:*:traditional:*:*:*

websphere_application_server

Version:

9.0.0.2

CPE:

cpe:2.3:a:ibm:websphere_application_server:9.0.0.2:*:*:*:*:*:*:*

websphere_application_server

Version:

8.5.5.9

CPE:

cpe:2.3:a:ibm:websphere_application_server:8.5.5.9:*:*:*:liberty:*:*:*

websphere_application_server

Version:

8.5.0.2

CPE:

cpe:2.3:a:ibm:websphere_application_server:8.5.0.2:-:liberty_profile:*:*:*:*:*

websphere_application_server

Version:

9.0.5.2

CPE:

cpe:2.3:a:ibm:websphere_application_server:9.0.5.2:*:*:*:*:*:*:*

websphere_application_server

Version:

9.0.5.3

CPE:

cpe:2.3:a:ibm:websphere_application_server:9.0.5.3:*:*:*:*:*:*:*

websphere_application_server

Version:

9.0.0.9

CPE:

cpe:2.3:a:ibm:websphere_application_server:9.0.0.9:*:*:*:*:*:*:*

websphere_application_server

Version:

8.5.5.12

CPE:

cpe:2.3:a:ibm:websphere_application_server:8.5.5.12:*:*:*:*:*:*:*

This vulnerability affects 54 software configuration(s). Ensure you patch all affected systems.

References & Resources

https://www.ibm.com/support/pages/node/7242172
psirt@us.ibm.com Vendor Advisory

Severity Details

5.3

out of 10.0

Medium

Weakness Type (CWE)

CWE-295 Top 25 #23

Improper Certificate Validation

Description: The product does not validate, or incorrectly validates, a certificate.
Typical Severity: High
OWASP Top 10: A02:2021-Cryptographic Failures
Abstraction Level: Base

View CWE Details on MITRE

Key Information

Published Date: August 14, 2025

External Resources

NIST NVD

National Vulnerability Database

MITRE CVE

Official CVE record

CVE Vulnerabilities

Posts & Pages

CVE-2025-33142

Vulnerability Description

CVSS Metrics

Known Affected Software

ibm

References & Resources

Severity Details

Weakness Type (CWE)

Key Information

External Resources