Severity by source
AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Network-reachable plug-in, no auth required, but AC:H reflects undisclosed triggering precondition; DoS-only impact means C:N/I:N.
Primary rating from Vendor (ibm).
CVSS VectorNVD
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Lifecycle Timeline
3DescriptionNVD
IBM i 7.6, 7.5, 7.4, and 7.3, IBM WebSphere Application Server, and IBM WebSphere Application Server Liberty are vulnerable to denial of service in the WebSphere WebServer Plug-in component when an attacker can pass crafted requests to the web server.
AnalysisAI
Denial of service in the IBM WebSphere WebServer Plug-in component affects IBM i 7.3 through 7.6, IBM WebSphere Application Server, and IBM WebSphere Application Server Liberty via a NULL pointer dereference (CWE-476) triggered by crafted HTTP requests. The CVSS vector (AV:N/AC:H/PR:N/UI:N) confirms remote unauthenticated exploitation, though high attack complexity limits opportunistic mass exploitation. …
Unlock full vulnerability intelligence
- Risk assessment & exploitation conditions
- Attack chain visualization
- Remediation with exact patch versions
- Threat intelligence from 22 sources
- Personal watchlist & email alerts
Free forever · No credit card required
Attack ChainAIDerived
Hypothetical attack flow derived from CVE metadata
Vulnerability AssessmentAI
| Exploitation | The WebSphere WebServer Plug-in must be deployed and actively handling requests - this component is present when WebSphere Application Server is configured to front behind a separate web server (IBM HTTP Server, Apache, or IIS) rather than serving requests directly. … Additional conditions and limiting factors are described in the full assessment. |
| Risk Assessment | The CVSS 3.1 base score of 5.9 (Medium) reflects a meaningful but contextually bounded risk. … Full risk analysis with EPSS, KEV, and SSVC signal comparison available after sign-in. |
| Exploit Scenario | An unauthenticated remote attacker identifies a host running IBM i or WebSphere Application Server with the WebSphere WebServer Plug-in exposed on a network-accessible port. The attacker sends a sequence of specially crafted HTTP requests designed to trigger an abnormal internal state in the plug-in's request-parsing code, causing a null pointer dereference. … |
| Remediation | A vendor-released patch is available per IBM's advisory at https://www.ibm.com/support/pages/node/7277344. … Detailed patch versions, workarounds, and compensating controls in full report. |
Threat intelligence, references, and detailed analysis are available after sign-in.
Same weakness CWE-476 – NULL Pointer Dereference
View allSame technique Null Pointer Dereference
View allShare
External POC / Exploit Code
Leaving vuln.today
EUVD-2026-38346
GHSA-jfrh-xh86-v7pp