CVE-2025-14917
Published: 25 March 2026
Summary
CVE-2025-14917 is a medium-severity Use of Default Password (CWE-1393) vulnerability in IBM WebSphere Application Server. Its CVSS base score is 6.7 (Medium).
Operationally, exploitation aligns with the MITRE ATT&CK technique Disable or Modify Tools (T1685). The vulnerability is ranked at the 27.3rd percentile by exploit likelihood (below the median) and is not currently listed in the CISA KEV catalog.
The strongest mitigations our analysis identified are NIST 800-53 SI-2 (Flaw Remediation) and AC-6 (Least Privilege).
Deeper analysis
CVE-2025-14917 is a vulnerability in IBM WebSphere Application Server Liberty versions 17.0.0.3 through 26.0.0.3 that could provide weaker than expected security when administering security settings. Published on 2026-03-25, it is associated with CWE-1393 and carries a CVSS 3.1 base score of 6.7 (AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H).
The vulnerability can be exploited by a local attacker who already holds high privileges on the affected system. With low attack complexity and no user interaction required, a successful exploit has high impact on confidentiality, integrity and availability: unauthorized access to confidential data, modification of system integrity, and disruption of availability.
IBM has issued a security advisory with details on the issue and recommended mitigations at https://www.ibm.com/support/pages/node/7267362.
EU & UK References
- 🇪🇺 ENISA EUVD: EUVD-2025-209021
Vulnerability details
Affected product: IBM WebSphere Application Server Liberty 17.0.0.3 through 26.0.0.3.
IBM WebSphere Application Server Liberty could provide weaker than expected security when administering security settings.
CWE: CWE-1393 (Use of Default Password)
Related Threats: MITRE ATT&CK Enterprise Techniques
Why these techniques?
The vulnerability weakens the administration of security settings in WebSphere Liberty, directly enabling a high-privileged local attacker to modify or disable security controls (Impair Defenses).
Mitigating Controls (NIST 800-53 r5)
- SI-2 (Flaw Remediation): Directly remediates the flaw in WebSphere Liberty's security settings administration by applying vendor patches as recommended in the IBM advisory.
- AC-6 (Least Privilege): Enforces least privilege to limit local high-privilege (PR:H) access, reducing the number of accounts able to exploit weaker security during administration.
- Restricts and authorizes access to configuration changes, preventing unauthorized or improper administration of security settings that could lead to exploitation.