Cyber Resilience

CVE-2026-8856

High

Published: 26 May 2026

Published
26 May 2026
Modified
26 May 2026
KEV Added
Patch
CVSS Score v3.1 7.7 CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:H
EPSS Score 0.0020 9.6th percentile
Risk Priority 55 floored blend · peak EPSS

Summary

CVE-2026-8856 is a high-severity Uncontrolled Resource Consumption (CWE-400) vulnerability in Ibm Http Server. Its CVSS base score is 7.7 (High).

Operationally, exploitation aligns with the MITRE ATT&CK technique Endpoint Denial of Service (T1499); ranked at the 9.6th percentile by exploit likelihood (below the median); it is not currently listed in the CISA KEV catalog.

EU & UK References

Vulnerability details

IBM HTTP Server 8.5, and 9.0 is vulnerable to denial of service in configurations where an attacker has write access to parts of the server configuration.

CWE(s)

Related Threats

MITRE ATT&CK Enterprise TechniquesAI

T1499 Endpoint Denial of Service Impact
Adversaries may perform Endpoint Denial of Service (DoS) attacks to degrade or block the availability of services to users.
Why these techniques?

CWE-400 resource exhaustion in HTTP server config enables T1499 Endpoint Denial of Service when write access exists.

Confidence: MEDIUM · MITRE ATT&CK Enterprise v19.0

CVEs Like This One

CVE-2026-8852Same product: Ibm Aix
CVE-2026-8850Same product: Ibm Aix
CVE-2026-8834Same product: Ibm Aix
CVE-2026-8835Same product: Ibm Aix
CVE-2026-8854Same product: Ibm Aix
CVE-2026-8855Same product: Ibm Aix
CVE-2026-6052Same product: Ibm Aix
CVE-2026-6051Same product: Ibm Aix
CVE-2024-51459Same product: Ibm Aix
CVE-2025-14974Same product: Ibm Aix

Affected Assets

ibm
http server
8.5.0.0 — 8.5.5.30 · 9.0.0.0 — 9.0.5.29

Mitigating Controls

Likely Mitigating Controls AI

Per-CVE control mapping for this CVE has not run yet; the list below is derived from the weakness types (CWEs) cited in the NVD entry.

addresses: CWE-400

Limiting concurrent sessions directly prevents uncontrolled resource consumption by capping the number of active sessions per user or account.

addresses: CWE-400

Analysis identifies uncontrolled resource consumption indicative of denial-of-service or abuse attempts.

addresses: CWE-400

Contingency plan testing includes resource exhaustion scenarios to verify recovery, making it harder for attackers to sustain exploits that cause uncontrolled consumption.

addresses: CWE-400

Updated contingency plans include current procedures to detect, contain, and recover from resource exhaustion, limiting an attacker's ability to sustain impact from uncontrolled consumption.

addresses: CWE-400

Alternate site allows resumption of operations if resource exhaustion at the primary site is exploited to cause unavailability.

addresses: CWE-400

Alternate telecommunications services enable resumption of essential functions when primary services become unavailable due to uncontrolled resource consumption.

addresses: CWE-400

The team can analyze and respond to resource exhaustion incidents, reducing the impact of attacks that exploit uncontrolled consumption weaknesses.

addresses: CWE-400

Timely maintenance support and spare parts enable rapid recovery from failures induced by uncontrolled resource consumption, shortening the impact window of denial-of-service attacks.

References