Cyber Resilience

CVE-2025-14917

Severity: Medium

Published: 25 March 2026
Modified: 30 March 2026
KEV Added: not listed
Patch: IBM security bulletin, https://www.ibm.com/support/pages/node/7267362
CVSS Score v3.1: 6.7, CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
EPSS Score: 0.0036 (27.3rd percentile)
Risk Priority: 35 (floored blend · peak EPSS)

Summary

CVE-2025-14917 is a medium-severity Use of Default Password (CWE-1393) vulnerability in IBM WebSphere Application Server Liberty. Its CVSS 3.1 base score is 6.7 (Medium).

Operationally, exploitation aligns with the MITRE ATT&CK technique Disable or Modify Tools (T1685). EPSS ranks it at the 27.3rd percentile by exploit likelihood (below the median), and it is not currently listed in the CISA KEV catalog.

The strongest mitigations our analysis identified are NIST 800-53 SI-2 (Flaw Remediation) and AC-6 (Least Privilege).

Deeper analysis

CVE-2025-14917 is a vulnerability in IBM WebSphere Application Server Liberty versions 17.0.0.3 through 26.0.0.3 that could provide weaker than expected security when administering security settings. Published on 2026-03-25, it is associated with CWE-1393 and carries a CVSS 3.1 base score of 6.7 (AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H).

The vulnerability can be exploited by a local attacker who already holds high privileges on the affected system (AV:L, PR:H). With low attack complexity and no user interaction needed, a successful exploit has high impact on confidentiality, integrity and availability (C:H/I:H/A:H): access to confidential data, modification of system configuration or data, and disruption of service. Because the vector already requires high privileges, the exposure is the gap between what a Liberty administrator is supposed to be able to do and what the weakened security settings actually permit, rather than a new remote entry point.

IBM has issued a security advisory with details on the issue and recommended mitigations at https://www.ibm.com/support/pages/node/7267362.

Vulnerability details

Affected: IBM WebSphere Application Server - Liberty 17.0.0.3 through 26.0.0.3

IBM WebSphere Application Server Liberty could provide weaker than expected security when administering security settings.

CWE(s)

CWE-1393 Use of Default Password
Related Threats

MITRE ATT&CK Enterprise Techniques

T1685 Disable or Modify Tools (Defense Impairment)
Adversaries may disable, degrade, or tamper with security tools or applications (e.
Why these techniques?

The vulnerability weakens the administration of security settings in WebSphere Liberty, which gives a high-privileged local attacker a direct path to modify or disable security controls (impair defenses).

Confidence: MEDIUM · MITRE ATT&CK Enterprise v19.0

CVEs Like This One

CVE-2025-14915 (Apple macOS)
CVE-2026-8852 (IBM AIX)
CVE-2026-8850 (IBM AIX)
CVE-2026-8834 (IBM AIX)
CVE-2026-8835 (IBM AIX)
CVE-2026-8854 (IBM AIX)
CVE-2026-8855 (IBM AIX)
CVE-2026-8856 (IBM AIX)
CVE-2024-51459 (IBM AIX)
CVE-2026-42899 (Apple macOS)

The site tags each of these entries "Same product", but none of them is WebSphere Liberty: the IBM AIX entries share only the vendor, and the Apple macOS entries share neither product nor vendor.

Affected Assets

IBM WebSphere Application Server (Liberty)
Versions 17.0.0.3 through 26.0.0.4 per the asset record. The vulnerability text above gives 17.0.0.3 through 26.0.0.3, so confirm the fixed level against the IBM bulletin before closing the finding.

Mitigating Controls (NIST 800-53 r5)

prevent · SI-2 Flaw Remediation

Directly remediates the flaw in WebSphere Liberty's security settings administration by applying the vendor fix recommended in the IBM advisory.

prevent · AC-6 Least Privilege

Enforces least privilege to limit the local high-privilege (PR:H) accounts that can reach the weakened administration path, reducing the set of accounts able to exploit it.

prevent

Restricts and authorizes access to configuration changes, preventing unauthorized or improper administration of security settings that could lead to exploitation.
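An added example of how the least-privilege and configuration-change controls above can be checked on a real Liberty deployment. This is not IBM's code and not a check for the undisclosed root cause of CVE-2025-14917; it audits a server.xml for the weak security-administration patterns those controls target (a quick-start administrator credential stored in server.xml, clear-text registry passwords, administrator-role grants to individual users rather than groups) and flags Liberty versions inside the range this page lists as affected. The element names and the {xor}/{aes}/{hash} encoded-password prefixes are real Liberty constructs; the affected range is taken from the page's vulnerability text, the "prefer a group" rule is this example's own heuristic, and SAMPLE_SERVER_XML is constructed for the example.

```python
"""Audit a WebSphere Liberty server.xml for weak security-administration settings.

Added example for this page, not IBM code.  Assumptions: the affected range
17.0.0.3 through 26.0.0.3 comes from the page's vulnerability text; the
Liberty elements used (<quickStartSecurity>, <basicRegistry>/<user password>,
<administrator-role>) and the securityUtility password prefixes are real, but
SAMPLE_SERVER_XML below is constructed for the example.
"""
import xml.etree.ElementTree as ET

AFFECTED_MIN = (17, 0, 0, 3)
AFFECTED_MAX = (26, 0, 0, 3)  # upper bound from the page's text; confirm against the IBM bulletin
ENCODED_PREFIXES = ("{xor}", "{aes}", "{hash}")  # securityUtility encode output prefixes

# Constructed sample: one quick-start admin, one encoded and one clear-text
# registry password, and an administrator role granted to a group and a user.
SAMPLE_SERVER_XML = """<server description="constructed sample">
  <featureManager>
    <feature>appSecurity-5.0</feature>
    <feature>restConnector-2.0</feature>
  </featureManager>
  <quickStartSecurity userName="admin" userPassword="admin"/>
  <basicRegistry id="basic" realm="BasicRealm">
    <user name="opsadmin" password="{aes}QUJDREVGR0hJSktMTU5PUA=="/>
    <user name="svc-deploy" password="deploy123"/>
    <group name="liberty-admins">
      <member name="opsadmin"/>
    </group>
  </basicRegistry>
  <administrator-role>
    <group>liberty-admins</group>
    <user>svc-deploy</user>
  </administrator-role>
</server>
"""


def parse_version(version: str) -> tuple:
    """'25.0.0.3' -> (25, 0, 0, 3); Liberty versions have four numeric parts."""
    return tuple(int(part) for part in version.strip().split("."))


def is_affected(version: str) -> bool:
    """True when the Liberty version falls inside the page's affected range."""
    return AFFECTED_MIN <= parse_version(version) <= AFFECTED_MAX


def admin_role_members(xml_text: str) -> list:
    """Return 'user:<name>' / 'group:<name>' entries that hold administrator-role,
    so the grant list can be reviewed against least privilege (AC-6)."""
    root = ET.fromstring(xml_text)
    members = []
    for role in root.iter("administrator-role"):
        for child in role:
            if child.tag in ("user", "group") and child.text:
                members.append(f"{child.tag}:{child.text.strip()}")
    return members


def audit_server_xml(xml_text: str) -> list:
    """Return human-readable findings for weak credential and administration settings."""
    root = ET.fromstring(xml_text)
    findings = []
    # quickStartSecurity places a single administrator credential directly in server.xml
    for qs in root.iter("quickStartSecurity"):
        findings.append(
            f"quickStartSecurity grants administrator to '{qs.get('userName')}' "
            "with its credential stored in server.xml"
        )
    # basicRegistry users whose password attribute was not encoded by securityUtility
    for user in root.iter("user"):
        password = user.get("password")
        if password is not None and not password.startswith(ENCODED_PREFIXES):
            findings.append(f"basicRegistry user '{user.get('name')}' has a clear-text password")
    # example heuristic: administrator-role should be granted to reviewed groups, not individuals
    for member in admin_role_members(xml_text):
        if member.startswith("user:"):
            findings.append(f"administrator-role granted directly to {member}; prefer a reviewed group")
    return findings


if __name__ == "__main__":
    for version in ("16.0.0.4", "24.0.0.12", "26.0.0.3"):
        print(version, "affected" if is_affected(version) else "not in range")
    for finding in audit_server_xml(SAMPLE_SERVER_XML):
        print("FINDING:", finding)
```

Run it against a real server.xml by reading the file into audit_server_xml; the version string comes from the Liberty runtime's productInfo output on the host. Any finding is a configuration-change item for the third control above, and the version check decides whether SI-2 (the IBM fix) still applies.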

References

IBM Security Bulletin for CVE-2025-14917: https://www.ibm.com/support/pages/node/7267362