cvelistv5 - cve-2026-3621

CVE-2026-3621 (GCVE-0-2026-3621)

Vulnerability from cvelistv5

Published

2026-04-22 23:07

Modified

2026-04-24 03:55

Severity ?

7.5 (High) - CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H

CWE

CWE-269 - Improper Privilege Management

Summary

IBM WebSphere Application Server - Liberty 17.0.0.3 through 26.0.0.4 IBM WebSphere Application Server Liberty is vulnerable to identity spoofing under limited conditions when an application is deployed without authentication and authorization configured.

References

URL

Tags

https://www.ibm.com/support/pages/node/7270437

vendor-advisory, patch

Impacted products

	Vendor	Product	Version
	IBM	WebSphere Application Server - Liberty	Version: 17.0.0.3 ≤ 26.0.0.4 cpe:2.3:a:ibm:websphere_application_server___liberty:17.0.0.3:::::::* cpe:2.3:a:ibm:websphere_application_server___liberty:26.0.0.4:::::::*

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2026-3621",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "total"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2026-04-23T00:00:00+00:00",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2026-04-24T03:55:15.371Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "cpes": [
            "cpe:2.3:a:ibm:websphere_application_server___liberty:17.0.0.3:*:*:*:*:*:*:*",
            "cpe:2.3:a:ibm:websphere_application_server___liberty:26.0.0.4:*:*:*:*:*:*:*"
          ],
          "product": "WebSphere Application Server - Liberty",
          "vendor": "IBM",
          "versions": [
            {
              "lessThanOrEqual": "26.0.0.4",
              "status": "affected",
              "version": "17.0.0.3",
              "versionType": "semver"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "supportingMedia": [
            {
              "base64": false,
              "type": "text/html",
              "value": "\u003cp\u003eIBM WebSphere Application Server - Liberty 17.0.0.3 through 26.0.0.4 IBM WebSphere Application Server Liberty is vulnerable to identity spoofing under limited conditions when an application is deployed without authentication and authorization configured.\u003c/p\u003e"
            }
          ],
          "value": "IBM WebSphere Application Server - Liberty 17.0.0.3 through 26.0.0.4 IBM WebSphere Application Server Liberty is vulnerable to identity spoofing under limited conditions when an application is deployed without authentication and authorization configured."
        }
      ],
      "metrics": [
        {
          "cvssV3_1": {
            "attackComplexity": "HIGH",
            "attackVector": "NETWORK",
            "availabilityImpact": "HIGH",
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "HIGH",
            "privilegesRequired": "LOW",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "format": "CVSS",
          "scenarios": [
            {
              "lang": "en",
              "value": "GENERAL"
            }
          ]
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-269",
              "description": "CWE-269 Improper Privilege Management",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2026-04-22T23:07:31.595Z",
        "orgId": "9a959283-ebb5-44b6-b705-dcc2bbced522",
        "shortName": "ibm"
      },
      "references": [
        {
          "tags": [
            "vendor-advisory",
            "patch"
          ],
          "url": "https://www.ibm.com/support/pages/node/7270437"
        }
      ],
      "solutions": [
        {
          "lang": "en",
          "supportingMedia": [
            {
              "base64": false,
              "type": "text/html",
              "value": "\u003cp\u003eIBM strongly recommends addressing the vulnerability now by applying a currently available interim fix or fix pack that contains the fix for APAR PH70352. IBM WebSphere Application Server Liberty is affected by identity spoofing only when the appSecurity feature (appSecurity-1.0, appSecurity-2.0, appSecurity-3.0, appSecurity-4.0, or appSecurity-5.0) is\u00a0\u003cstrong\u003enot enabled\u003c/strong\u003e on the server. To determine if a feature is enabled for IBM WebSphere Application Server Liberty, refer to \u003ca href=\"https://www.ibm.com/support/pages/node/6553910\" rel=\"nofollow\"\u003eHow to determine if Liberty is using a specific feature\u003c/a\u003e.\u00a0\u003cbr/\u003e\u003cbr/\u003e\u003cstrong\u003eFor IBM WebSphere Application Server Liberty 17.0.0.3 - 26.0.0.4:\u003c/strong\u003e\u003cbr/\u003e\u00b7 Upgrade to minimal fix pack levels as required by the interim fix and then apply the Interim Fix that resolves \u003ca href=\"https://www.ibm.com/support/pages/node/7270436\" rel=\"nofollow\"\u003ePH70352\u003c/a\u003e\u003cbr/\u003e--OR--\u003cbr/\u003e\u00b7 Apply Liberty Fix Pack 26.0.0.5 or later (targeted availability 2Q2026).\u00a0\u003cbr/\u003e\u003cbr/\u003eAdditional interim fixes may be available and linked off the interim fix download page.\u003c/p\u003e"
            }
          ],
          "value": "IBM strongly recommends addressing the vulnerability now by applying a currently available interim fix or fix pack that contains the fix for APAR PH70352. IBM WebSphere Application Server Liberty is affected by identity spoofing only when the appSecurity feature (appSecurity-1.0, appSecurity-2.0, appSecurity-3.0, appSecurity-4.0, or appSecurity-5.0) is\u00a0not enabled on the server. To determine if a feature is enabled for IBM WebSphere Application Server Liberty, refer to  How to determine if Liberty is using a specific feature https://www.ibm.com/support/pages/node/6553910 .\u00a0\n\nFor IBM WebSphere Application Server Liberty 17.0.0.3 - 26.0.0.4:\n\u00b7 Upgrade to minimal fix pack levels as required by the interim fix and then apply the Interim Fix that resolves  PH70352 https://www.ibm.com/support/pages/node/7270436 \n--OR--\n\u00b7 Apply Liberty Fix Pack 26.0.0.5 or later (targeted availability 2Q2026).\u00a0\n\nAdditional interim fixes may be available and linked off the interim fix download page."
        }
      ],
      "title": "IBM WebSphere Application Server Liberty is affected by identity spoofing",
      "x_generator": {
        "engine": "ibm-cvegen"
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "9a959283-ebb5-44b6-b705-dcc2bbced522",
    "assignerShortName": "ibm",
    "cveId": "CVE-2026-3621",
    "datePublished": "2026-04-22T23:07:31.595Z",
    "dateReserved": "2026-03-05T21:53:23.170Z",
    "dateUpdated": "2026-04-24T03:55:15.371Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.2",
  "vulnerability-lookup:meta": {
    "vulnrichment": {
      "containers": "{\"adp\": [{\"title\": \"CISA ADP Vulnrichment\", \"metrics\": [{\"other\": {\"type\": \"ssvc\", \"content\": {\"id\": \"CVE-2026-3621\", \"role\": \"CISA Coordinator\", \"options\": [{\"Exploitation\": \"none\"}, {\"Automatable\": \"no\"}, {\"Technical Impact\": \"total\"}], \"version\": \"2.0.3\", \"timestamp\": \"2026-04-23T13:51:42.101697Z\"}}}], \"providerMetadata\": {\"orgId\": \"134c704f-9b21-4f2e-91b3-4a467353bcc0\", \"shortName\": \"CISA-ADP\", \"dateUpdated\": \"2026-04-23T13:51:46.651Z\"}}], \"cna\": {\"title\": \"IBM WebSphere Application Server Liberty is affected by identity spoofing\", \"metrics\": [{\"format\": \"CVSS\", \"cvssV3_1\": {\"scope\": \"UNCHANGED\", \"version\": \"3.1\", \"baseScore\": 7.5, \"attackVector\": \"NETWORK\", \"baseSeverity\": \"HIGH\", \"vectorString\": \"CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H\", \"integrityImpact\": \"HIGH\", \"userInteraction\": \"NONE\", \"attackComplexity\": \"HIGH\", \"availabilityImpact\": \"HIGH\", \"privilegesRequired\": \"LOW\", \"confidentialityImpact\": \"HIGH\"}, \"scenarios\": [{\"lang\": \"en\", \"value\": \"GENERAL\"}]}], \"affected\": [{\"cpes\": [\"cpe:2.3:a:ibm:websphere_application_server___liberty:17.0.0.3:*:*:*:*:*:*:*\", \"cpe:2.3:a:ibm:websphere_application_server___liberty:26.0.0.4:*:*:*:*:*:*:*\"], \"vendor\": \"IBM\", \"product\": \"WebSphere Application Server - Liberty\", \"versions\": [{\"status\": \"affected\", \"version\": \"17.0.0.3\", \"versionType\": \"semver\", \"lessThanOrEqual\": \"26.0.0.4\"}]}], \"solutions\": [{\"lang\": \"en\", \"value\": \"IBM strongly recommends addressing the vulnerability now by applying a currently available interim fix or fix pack that contains the fix for APAR PH70352. IBM WebSphere Application Server Liberty is affected by identity spoofing only when the appSecurity feature (appSecurity-1.0, appSecurity-2.0, appSecurity-3.0, appSecurity-4.0, or appSecurity-5.0) is\\u00a0not enabled on the server. To determine if a feature is enabled for IBM WebSphere Application Server Liberty, refer to  How to determine if Liberty is using a specific feature https://www.ibm.com/support/pages/node/6553910 .\\u00a0\\n\\nFor IBM WebSphere Application Server Liberty 17.0.0.3 - 26.0.0.4:\\n\\u00b7 Upgrade to minimal fix pack levels as required by the interim fix and then apply the Interim Fix that resolves  PH70352 https://www.ibm.com/support/pages/node/7270436 \\n--OR--\\n\\u00b7 Apply Liberty Fix Pack 26.0.0.5 or later (targeted availability 2Q2026).\\u00a0\\n\\nAdditional interim fixes may be available and linked off the interim fix download page.\", \"supportingMedia\": [{\"type\": \"text/html\", \"value\": \"\u003cp\u003eIBM strongly recommends addressing the vulnerability now by applying a currently available interim fix or fix pack that contains the fix for APAR PH70352. IBM WebSphere Application Server Liberty is affected by identity spoofing only when the appSecurity feature (appSecurity-1.0, appSecurity-2.0, appSecurity-3.0, appSecurity-4.0, or appSecurity-5.0) is\\u00a0\u003cstrong\u003enot enabled\u003c/strong\u003e on the server. To determine if a feature is enabled for IBM WebSphere Application Server Liberty, refer to \u003ca href=\\\"https://www.ibm.com/support/pages/node/6553910\\\" rel=\\\"nofollow\\\"\u003eHow to determine if Liberty is using a specific feature\u003c/a\u003e.\\u00a0\u003cbr/\u003e\u003cbr/\u003e\u003cstrong\u003eFor IBM WebSphere Application Server Liberty 17.0.0.3 - 26.0.0.4:\u003c/strong\u003e\u003cbr/\u003e\\u00b7 Upgrade to minimal fix pack levels as required by the interim fix and then apply the Interim Fix that resolves \u003ca href=\\\"https://www.ibm.com/support/pages/node/7270436\\\" rel=\\\"nofollow\\\"\u003ePH70352\u003c/a\u003e\u003cbr/\u003e--OR--\u003cbr/\u003e\\u00b7 Apply Liberty Fix Pack 26.0.0.5 or later (targeted availability 2Q2026).\\u00a0\u003cbr/\u003e\u003cbr/\u003eAdditional interim fixes may be available and linked off the interim fix download page.\u003c/p\u003e\", \"base64\": false}]}], \"references\": [{\"url\": \"https://www.ibm.com/support/pages/node/7270437\", \"tags\": [\"vendor-advisory\", \"patch\"]}], \"x_generator\": {\"engine\": \"ibm-cvegen\"}, \"descriptions\": [{\"lang\": \"en\", \"value\": \"IBM WebSphere Application Server - Liberty 17.0.0.3 through 26.0.0.4 IBM WebSphere Application Server Liberty is vulnerable to identity spoofing under limited conditions when an application is deployed without authentication and authorization configured.\", \"supportingMedia\": [{\"type\": \"text/html\", \"value\": \"\u003cp\u003eIBM WebSphere Application Server - Liberty 17.0.0.3 through 26.0.0.4 IBM WebSphere Application Server Liberty is vulnerable to identity spoofing under limited conditions when an application is deployed without authentication and authorization configured.\u003c/p\u003e\", \"base64\": false}]}], \"problemTypes\": [{\"descriptions\": [{\"lang\": \"en\", \"type\": \"CWE\", \"cweId\": \"CWE-269\", \"description\": \"CWE-269 Improper Privilege Management\"}]}], \"providerMetadata\": {\"orgId\": \"9a959283-ebb5-44b6-b705-dcc2bbced522\", \"shortName\": \"ibm\", \"dateUpdated\": \"2026-04-22T23:07:31.595Z\"}}}",
      "cveMetadata": "{\"cveId\": \"CVE-2026-3621\", \"state\": \"PUBLISHED\", \"dateUpdated\": \"2026-04-24T03:55:15.371Z\", \"dateReserved\": \"2026-03-05T21:53:23.170Z\", \"assignerOrgId\": \"9a959283-ebb5-44b6-b705-dcc2bbced522\", \"datePublished\": \"2026-04-22T23:07:31.595Z\", \"assignerShortName\": \"ibm\"}",
      "dataType": "CVE_RECORD",
      "dataVersion": "5.2"
    }
  }
}

CERTFR-2026-AVI-0523

Vulnerability from certfr_avis

De multiples vulnérabilités ont été découvertes dans les produits IBM. Certaines d'entre elles permettent à un attaquant de provoquer une exécution de code arbitraire à distance, une élévation de privilèges et un déni de service à distance.

Solutions

Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).

Impacted products

Vendor	Product	Description
IBM	Sterling Connect:Direct	Sterling Connect:Direct for Microsoft Windows versions 6.3.0.x antérieures à 6.3.0.6_iFix048
IBM	WebSphere	WebSphere Application Server - Liberty versions 17.0.0.3 à 26.0.0.4 sans le dernier correctif de sécurité
IBM	Informix Dynamic Server	Informix Dynamic Server versions 15.0 sans le correctif de sécurité HQ 3.2.2
IBM	Informix Dynamic Server	Informix Dynamic Server versions 12.10.x sans le correctif de sécurité HQ 3.2.2
IBM	Informix Dynamic Server	Informix Dynamic Server versions 14.10 sans le correctif de sécurité HQ 3.2.2
IBM	Sterling Connect:Direct	Sterling Connect:Direct for Microsoft Windows versions 6.4.0.x antérieures à 6.4.0.4_iFix019
IBM	Security QRadar Log Management AQL	greffon Security QRadar Log Management AQL versions 1.x antérieures à 1.1.5

References

Title

Publication Time

Tags

Bulletin de sécurité IBM 7270805	2026-04-27	vendor-advisory
Bulletin de sécurité IBM 7270827	2026-04-27	vendor-advisory
Bulletin de sécurité IBM 7270869	2026-04-27	vendor-advisory
Bulletin de sécurité IBM 7270820	2026-04-27	vendor-advisory
Bulletin de sécurité IBM 7270845	2026-04-27	vendor-advisory
Bulletin de sécurité IBM 7270868	2026-04-27	vendor-advisory
Bulletin de sécurité IBM 7270775	2026-04-27	vendor-advisory
Bulletin de sécurité IBM 7270692	2026-04-24	vendor-advisory

Show details on source website

JSON

To clipboard

{
  "$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
  "affected_systems": [
    {
      "description": "Sterling Connect:Direct for Microsoft Windows versions 6.3.0.x ant\u00e9rieures \u00e0 6.3.0.6_iFix048",
      "product": {
        "name": "Sterling Connect:Direct",
        "vendor": {
          "name": "IBM",
          "scada": false
        }
      }
    },
    {
      "description": "WebSphere Application Server - Liberty versions 17.0.0.3 \u00e0 26.0.0.4 sans le dernier correctif de s\u00e9curit\u00e9",
      "product": {
        "name": "WebSphere",
        "vendor": {
          "name": "IBM",
          "scada": false
        }
      }
    },
    {
      "description": "Informix Dynamic Server versions 15.0 sans le correctif de s\u00e9curit\u00e9  HQ 3.2.2",
      "product": {
        "name": "Informix Dynamic Server",
        "vendor": {
          "name": "IBM",
          "scada": false
        }
      }
    },
    {
      "description": "Informix Dynamic Server versions 12.10.x sans le correctif de s\u00e9curit\u00e9  HQ 3.2.2",
      "product": {
        "name": "Informix Dynamic Server",
        "vendor": {
          "name": "IBM",
          "scada": false
        }
      }
    },
    {
      "description": "Informix Dynamic Server versions 14.10 sans le correctif de s\u00e9curit\u00e9  HQ 3.2.2",
      "product": {
        "name": "Informix Dynamic Server",
        "vendor": {
          "name": "IBM",
          "scada": false
        }
      }
    },
    {
      "description": "Sterling Connect:Direct for Microsoft Windows versions 6.4.0.x ant\u00e9rieures \u00e0 6.4.0.4_iFix019",
      "product": {
        "name": "Sterling Connect:Direct",
        "vendor": {
          "name": "IBM",
          "scada": false
        }
      }
    },
    {
      "description": "greffon Security QRadar Log Management AQL versions 1.x ant\u00e9rieures \u00e0 1.1.5",
      "product": {
        "name": "Security QRadar Log Management AQL",
        "vendor": {
          "name": "IBM",
          "scada": false
        }
      }
    }
  ],
  "affected_systems_content": "",
  "content": "## Solutions\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des correctifs (cf. section Documentation).",
  "cves": [
    {
      "name": "CVE-2026-22737",
      "url": "https://www.cve.org/CVERecord?id=CVE-2026-22737"
    },
    {
      "name": "CVE-2026-22610",
      "url": "https://www.cve.org/CVERecord?id=CVE-2026-22610"
    },
    {
      "name": "CVE-2026-33186",
      "url": "https://www.cve.org/CVERecord?id=CVE-2026-33186"
    },
    {
      "name": "CVE-2026-3621",
      "url": "https://www.cve.org/CVERecord?id=CVE-2026-3621"
    },
    {
      "name": "CVE-2025-66412",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-66412"
    },
    {
      "name": "CVE-2025-66035",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-66035"
    },
    {
      "name": "CVE-2026-2391",
      "url": "https://www.cve.org/CVERecord?id=CVE-2026-2391"
    },
    {
      "name": "CVE-2025-15284",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-15284"
    },
    {
      "name": "CVE-2026-22029",
      "url": "https://www.cve.org/CVERecord?id=CVE-2026-22029"
    },
    {
      "name": "CVE-2026-24051",
      "url": "https://www.cve.org/CVERecord?id=CVE-2026-24051"
    },
    {
      "name": "CVE-2021-23337",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-23337"
    },
    {
      "name": "CVE-2026-4800",
      "url": "https://www.cve.org/CVERecord?id=CVE-2026-4800"
    },
    {
      "name": "CVE-2025-67030",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-67030"
    },
    {
      "name": "CVE-2026-0540",
      "url": "https://www.cve.org/CVERecord?id=CVE-2026-0540"
    },
    {
      "name": "CVE-2026-33532",
      "url": "https://www.cve.org/CVERecord?id=CVE-2026-33532"
    },
    {
      "name": "CVE-2025-68470",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-68470"
    },
    {
      "name": "CVE-2026-33228",
      "url": "https://www.cve.org/CVERecord?id=CVE-2026-33228"
    },
    {
      "name": "CVE-2026-27970",
      "url": "https://www.cve.org/CVERecord?id=CVE-2026-27970"
    },
    {
      "name": "CVE-2026-2950",
      "url": "https://www.cve.org/CVERecord?id=CVE-2026-2950"
    },
    {
      "name": "CVE-2024-29371",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-29371"
    },
    {
      "name": "CVE-2025-15599",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-15599"
    },
    {
      "name": "CVE-2024-31033",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-31033"
    },
    {
      "name": "CVE-2026-26278",
      "url": "https://www.cve.org/CVERecord?id=CVE-2026-26278"
    },
    {
      "name": "CVE-2026-22735",
      "url": "https://www.cve.org/CVERecord?id=CVE-2026-22735"
    },
    {
      "name": "CVE-2026-27601",
      "url": "https://www.cve.org/CVERecord?id=CVE-2026-27601"
    },
    {
      "name": "CVE-2026-32141",
      "url": "https://www.cve.org/CVERecord?id=CVE-2026-32141"
    },
    {
      "name": "CVE-2025-13465",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-13465"
    }
  ],
  "initial_release_date": "2026-04-30T00:00:00",
  "last_revision_date": "2026-04-30T00:00:00",
  "links": [],
  "reference": "CERTFR-2026-AVI-0523",
  "revisions": [
    {
      "description": "Version initiale",
      "revision_date": "2026-04-30T00:00:00.000000"
    }
  ],
  "risks": [
    {
      "description": "D\u00e9ni de service \u00e0 distance"
    },
    {
      "description": "Injection de code indirecte \u00e0 distance (XSS)"
    },
    {
      "description": "Injection de requ\u00eates ill\u00e9gitimes par rebond (CSRF)"
    },
    {
      "description": "Ex\u00e9cution de code arbitraire \u00e0 distance"
    },
    {
      "description": "Atteinte \u00e0 l\u0027int\u00e9grit\u00e9 des donn\u00e9es"
    },
    {
      "description": "Contournement de la politique de s\u00e9curit\u00e9"
    },
    {
      "description": "Atteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es"
    },
    {
      "description": "\u00c9l\u00e9vation de privil\u00e8ges"
    }
  ],
  "summary": "De multiples vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 d\u00e9couvertes dans les produits IBM. Certaines d\u0027entre elles permettent \u00e0 un attaquant de provoquer une ex\u00e9cution de code arbitraire \u00e0 distance, une \u00e9l\u00e9vation de privil\u00e8ges et un d\u00e9ni de service \u00e0 distance.",
  "title": "Multiples vuln\u00e9rabilit\u00e9s dans les produits IBM",
  "vendor_advisories": [
    {
      "published_at": "2026-04-27",
      "title": "Bulletin de s\u00e9curit\u00e9 IBM 7270805",
      "url": "https://www.ibm.com/support/pages/node/7270805"
    },
    {
      "published_at": "2026-04-27",
      "title": "Bulletin de s\u00e9curit\u00e9 IBM 7270827",
      "url": "https://www.ibm.com/support/pages/node/7270827"
    },
    {
      "published_at": "2026-04-27",
      "title": "Bulletin de s\u00e9curit\u00e9 IBM 7270869",
      "url": "https://www.ibm.com/support/pages/node/7270869"
    },
    {
      "published_at": "2026-04-27",
      "title": "Bulletin de s\u00e9curit\u00e9 IBM 7270820",
      "url": "https://www.ibm.com/support/pages/node/7270820"
    },
    {
      "published_at": "2026-04-27",
      "title": "Bulletin de s\u00e9curit\u00e9 IBM 7270845",
      "url": "https://www.ibm.com/support/pages/node/7270845"
    },
    {
      "published_at": "2026-04-27",
      "title": "Bulletin de s\u00e9curit\u00e9 IBM 7270868",
      "url": "https://www.ibm.com/support/pages/node/7270868"
    },
    {
      "published_at": "2026-04-27",
      "title": "Bulletin de s\u00e9curit\u00e9 IBM 7270775",
      "url": "https://www.ibm.com/support/pages/node/7270775"
    },
    {
      "published_at": "2026-04-24",
      "title": "Bulletin de s\u00e9curit\u00e9 IBM 7270692",
      "url": "https://www.ibm.com/support/pages/node/7270692"
    }
  ]
}

CERTFR-2026-AVI-0492

Vulnerability from certfr_avis

Solutions

Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).

Impacted products

Vendor	Product	Description
IBM	WebSphere	WebSphere Application Server - Liberty sans le correctif APAR PH70352 ou antérieures à 26.0.0.5 (disponibilité prévue au deuxième trimestre 2026)
IBM	Sterling Connect:Direct	Sterling Connect:Direct Web Services versions 6.4.0.x antérieures à 6.4.0.7
IBM	QRadar SIEM	QRadar SIEM versions 7.5.x antérieures à 7.5.0 UP15 IF02
IBM	Sterling Connect:Direct	Sterling Connect:Direct Web Services versions 6.3.0.x antérieures à 6.3.0.18

References

Title

Publication Time

Tags

Bulletin de sécurité IBM 7270506	2026-04-23	vendor-advisory
Bulletin de sécurité IBM 7270594	2026-04-23	vendor-advisory
Bulletin de sécurité IBM 7270504	2026-04-23	vendor-advisory
Bulletin de sécurité IBM 7270508	2026-04-23	vendor-advisory
Bulletin de sécurité IBM 7270437	2026-04-22	vendor-advisory
Bulletin de sécurité IBM 7270505	2026-04-23	vendor-advisory

Show details on source website

JSON

To clipboard

{
  "$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
  "affected_systems": [
    {
      "description": "WebSphere Application Server - Liberty sans le correctif APAR PH70352 ou ant\u00e9rieures \u00e0 26.0.0.5 (disponibilit\u00e9 pr\u00e9vue au deuxi\u00e8me trimestre 2026)",
      "product": {
        "name": "WebSphere",
        "vendor": {
          "name": "IBM",
          "scada": false
        }
      }
    },
    {
      "description": "Sterling Connect:Direct Web Services versions 6.4.0.x ant\u00e9rieures \u00e0 6.4.0.7",
      "product": {
        "name": "Sterling Connect:Direct",
        "vendor": {
          "name": "IBM",
          "scada": false
        }
      }
    },
    {
      "description": "QRadar SIEM versions 7.5.x ant\u00e9rieures \u00e0 7.5.0 UP15 IF02",
      "product": {
        "name": "QRadar SIEM",
        "vendor": {
          "name": "IBM",
          "scada": false
        }
      }
    },
    {
      "description": "Sterling Connect:Direct Web Services versions 6.3.0.x ant\u00e9rieures \u00e0 6.3.0.18",
      "product": {
        "name": "Sterling Connect:Direct",
        "vendor": {
          "name": "IBM",
          "scada": false
        }
      }
    }
  ],
  "affected_systems_content": "\n",
  "content": "## Solutions\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des correctifs (cf. section Documentation).",
  "cves": [
    {
      "name": "CVE-2026-21933",
      "url": "https://www.cve.org/CVERecord?id=CVE-2026-21933"
    },
    {
      "name": "CVE-2026-21932",
      "url": "https://www.cve.org/CVERecord?id=CVE-2026-21932"
    },
    {
      "name": "CVE-2026-22801",
      "url": "https://www.cve.org/CVERecord?id=CVE-2026-22801"
    },
    {
      "name": "CVE-2024-26984",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-26984"
    },
    {
      "name": "CVE-2026-3621",
      "url": "https://www.cve.org/CVERecord?id=CVE-2026-3621"
    },
    {
      "name": "CVE-2026-3497",
      "url": "https://www.cve.org/CVERecord?id=CVE-2026-3497"
    },
    {
      "name": "CVE-2026-1605",
      "url": "https://www.cve.org/CVERecord?id=CVE-2026-1605"
    },
    {
      "name": "CVE-2025-9820",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-9820"
    },
    {
      "name": "CVE-2025-0938",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-0938"
    },
    {
      "name": "CVE-2025-61662",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-61662"
    },
    {
      "name": "CVE-2026-21925",
      "url": "https://www.cve.org/CVERecord?id=CVE-2026-21925"
    },
    {
      "name": "CVE-2025-67030",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-67030"
    },
    {
      "name": "CVE-2026-22732",
      "url": "https://www.cve.org/CVERecord?id=CVE-2026-22732"
    },
    {
      "name": "CVE-2025-65018",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-65018"
    },
    {
      "name": "CVE-2025-10158",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-10158"
    },
    {
      "name": "CVE-2026-4519",
      "url": "https://www.cve.org/CVERecord?id=CVE-2026-4519"
    },
    {
      "name": "CVE-2026-23193",
      "url": "https://www.cve.org/CVERecord?id=CVE-2026-23193"
    },
    {
      "name": "CVE-2026-0915",
      "url": "https://www.cve.org/CVERecord?id=CVE-2026-0915"
    },
    {
      "name": "CVE-2025-15281",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-15281"
    },
    {
      "name": "CVE-2026-21945",
      "url": "https://www.cve.org/CVERecord?id=CVE-2026-21945"
    },
    {
      "name": "CVE-2026-22695",
      "url": "https://www.cve.org/CVERecord?id=CVE-2026-22695"
    },
    {
      "name": "CVE-2026-2447",
      "url": "https://www.cve.org/CVERecord?id=CVE-2026-2447"
    },
    {
      "name": "CVE-2026-23231",
      "url": "https://www.cve.org/CVERecord?id=CVE-2026-23231"
    },
    {
      "name": "CVE-2025-71238",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-71238"
    },
    {
      "name": "CVE-2025-14831",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-14831"
    },
    {
      "name": "CVE-2026-25646",
      "url": "https://www.cve.org/CVERecord?id=CVE-2026-25646"
    }
  ],
  "initial_release_date": "2026-04-24T00:00:00",
  "last_revision_date": "2026-04-24T00:00:00",
  "links": [],
  "reference": "CERTFR-2026-AVI-0492",
  "revisions": [
    {
      "description": "Version initiale",
      "revision_date": "2026-04-24T00:00:00.000000"
    }
  ],
  "risks": [
    {
      "description": "D\u00e9ni de service \u00e0 distance"
    },
    {
      "description": "Ex\u00e9cution de code arbitraire \u00e0 distance"
    },
    {
      "description": "Atteinte \u00e0 l\u0027int\u00e9grit\u00e9 des donn\u00e9es"
    },
    {
      "description": "Non sp\u00e9cifi\u00e9 par l\u0027\u00e9diteur"
    },
    {
      "description": "Contournement de la politique de s\u00e9curit\u00e9"
    },
    {
      "description": "Atteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es"
    },
    {
      "description": "\u00c9l\u00e9vation de privil\u00e8ges"
    }
  ],
  "summary": "De multiples vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 d\u00e9couvertes dans les produits IBM. Certaines d\u0027entre elles permettent \u00e0 un attaquant de provoquer une ex\u00e9cution de code arbitraire \u00e0 distance, une \u00e9l\u00e9vation de privil\u00e8ges et un d\u00e9ni de service \u00e0 distance.",
  "title": "Multiples vuln\u00e9rabilit\u00e9s dans les produits IBM",
  "vendor_advisories": [
    {
      "published_at": "2026-04-23",
      "title": "Bulletin de s\u00e9curit\u00e9 IBM 7270506",
      "url": "https://www.ibm.com/support/pages/node/7270506"
    },
    {
      "published_at": "2026-04-23",
      "title": "Bulletin de s\u00e9curit\u00e9 IBM 7270594",
      "url": "https://www.ibm.com/support/pages/node/7270594"
    },
    {
      "published_at": "2026-04-23",
      "title": "Bulletin de s\u00e9curit\u00e9 IBM 7270504",
      "url": "https://www.ibm.com/support/pages/node/7270504"
    },
    {
      "published_at": "2026-04-23",
      "title": "Bulletin de s\u00e9curit\u00e9 IBM 7270508",
      "url": "https://www.ibm.com/support/pages/node/7270508"
    },
    {
      "published_at": "2026-04-22",
      "title": "Bulletin de s\u00e9curit\u00e9 IBM 7270437",
      "url": "https://www.ibm.com/support/pages/node/7270437"
    },
    {
      "published_at": "2026-04-23",
      "title": "Bulletin de s\u00e9curit\u00e9 IBM 7270505",
      "url": "https://www.ibm.com/support/pages/node/7270505"
    }
  ]
}

Tags

Taxonomy of the tags.

All sightings related to this event Export sightings related to this event

Sightings

Author	Source	Type	Date

Nomenclature

Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
Confirmed: The vulnerability is confirmed from an analyst perspective.
Published Proof of Concept: A public proof of concept is available for this vulnerability.
Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
Patched: This vulnerability was successfully patched by the user reporting the sighting.
Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
Not confirmed: The user expresses doubt about the veracity of the vulnerability.
Not patched: This vulnerability was not successfully patched by the user reporting the sighting.

Action not permitted

CVE-2026-3621 (GCVE-0-2026-3621)

Vulnerability from cvelistv5

CERTFR-2026-AVI-0523

Vulnerability from certfr_avis

Solutions

CERTFR-2026-AVI-0492

Vulnerability from certfr_avis

Solutions

Tags

Sightings

Nomenclature