Severity by source
AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N
Primary rating from NVD · only source for this CVE.
CVSS VectorNVD
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N
Lifecycle Timeline
4DescriptionCVE.org
IBM WebSphere Application Server - Liberty 17.0.0.3 through 26.0.0.3 IBM WebSphere Application Server Liberty is vulnerable to server-side request forgery (SSRF). This may allow remote attacker to send unauthorized requests from the system, potentially leading to network enumeration or facilitating other attacks.
AnalysisAI
IBM WebSphere Application Server Liberty versions 17.0.0.3 through 26.0.0.3 contain a server-side request forgery (SSRF) vulnerability that allows authenticated remote attackers to send unauthorized requests from the vulnerable system. This exposure could enable network enumeration, internal service discovery, or facilitate secondary attacks against internal infrastructure. A patch is available from IBM, and the vulnerability requires authenticated access (PR:L) but has low attack complexity, making it a medium-priority issue for organizations running affected Liberty instances.
Technical ContextAI
The vulnerability exists in IBM WebSphere Application Server Liberty, a lightweight Java EE application server runtime. The affected component improperly handles user-supplied input when constructing outbound HTTP requests, failing to validate or restrict the target URL or destination. This is classified under CWE-918 (Server-Side Request Forgery), which describes a flaw where the server fetches remote resources without proper validation of the resource location. The affected versions span from 17.0.0.3 through 26.0.0.3 (CPE: cpe:2.3:a:ibm:websphere_application_server_liberty:*:*:*:*:*:*:*:*), indicating the issue persists across multiple years of releases. The vulnerability likely resides in a feature or service handler that processes external requests and re-issues them without sufficient URL sanitization or destination filtering.
RemediationAI
Apply the vendor-supplied patch immediately by upgrading IBM WebSphere Application Server Liberty to a version greater than 26.0.0.3, following IBM's official release notes and patch guidance available at https://www.ibm.com/support/pages/node/7267347. If immediate patching is not feasible, implement network-level controls to restrict outbound connections from Liberty instances to known, approved internal and external destinations using firewall rules or web application firewall policies. Additionally, audit access logs for suspicious outbound requests and restrict user privileges where possible to minimize the attack surface. Monitor for any indicators of SSRF exploitation such as unexpected outbound connections to internal IP ranges or metadata services (e.g., 169.254.169.254 on cloud platforms). After patching, validate the fix by reviewing Liberty security bulletins and re-testing affected application endpoints.
Same weakness CWE-918 – Server-Side Request Forgery (SSRF)
View allShare
External POC / Exploit Code
Leaving vuln.today
EUVD-2026-15982