Severity by source
Primary rating from NVD · only source for this CVE.
CVSS vector (NVD): CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Description (CVE.org)
IBM HTTP Server 8.5 and 9.0 contain a buffer overflow vulnerability. A privileged user, authenticated to the Administration Server, could exploit this vulnerability to execute remote code or cause a denial of service.
Analysis (AI)
Heap-based buffer overflow in IBM HTTP Server 8.5 and 9.0 allows an attacker already authenticated to the Administration Server to execute arbitrary code or crash the service. The flaw requires adjacent network access and existing low-level privileges, and despite the high CVSS 8.0 rating no public exploit had been identified at the time of analysis. …
Attack chain (AI-derived): hypothetical attack flow derived from CVE metadata.
Vulnerability Assessment (AI)
| Aspect | Assessment |
|---|---|
| Exploitation | The attacker must (1) have network reachability to the IBM HTTP Server Administration Server on an adjacent network segment (CVSS AV:A: not routable from the open internet by design), (2) hold valid low-privilege credentials authenticated to the Administration Server (CVSS PR:L: the description explicitly states 'A privileged user, authenticated to the Administration Server'), and (3) target an unpatched IHS 8.5.0 at or below Interim Fix 002, or any 9.0 release prior to the fix in IBM advisory 7274065. … |
| Risk Assessment | Signals diverge sharply: CVSS rates the issue High (8.0) on the strength of HIGH impact across confidentiality, integrity, and availability, but the vector AV:A/AC:L/PR:L meaningfully constrains real-world reach: the attacker must be on an adjacent network segment and must already hold credentials on the Administration Server, which is typically firewalled to admin VLANs. … |
| Exploit Scenario | An insider or a foothold-holder who has compromised a low-privilege Administration Server account on the management network sends a crafted administrative request whose oversized field overflows a heap buffer in the IHS admin handler, corrupting adjacent heap metadata to either crash the process (DoS of the managed web tier) or hijack execution and run code with the privileges of the IHS administrative process. No public PoC has been published, so a working exploit would currently need to be developed from the patch diff. |
| Remediation | Apply the vendor patch referenced in IBM Support advisory https://www.ibm.com/support/pages/node/7274065, which provides the corrected interim fix for 8.5.0 (beyond Interim Fix 002) and the patched build for 9.0. A patch is available per the vendor advisory. … |
Recommended Action (AI)
Within 24 hours: Inventory all IBM HTTP Server 8.5 and 9.0 instances and validate that administrative access is restricted to authorized personnel only. …
Same weakness: CWE-122 – Heap-based Buffer Overflow
Same technique: Buffer Overflow
EUVD-2026-31917
GHSA-34j9-v3rv-pgg8