Main Vulnerability Database Vulnerabilities #VU124875

#VU124875 Use of hard-coded cryptographic key in IBM WebSphere Application Server Liberty - CVE-2025-14923

Published: April 6, 2026

Vulnerability identifier: #VU124875

Vulnerability risk: Low

CVSSv4.0: CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N/E:U/U:Clear

CVE-ID: CVE-2025-14923

CWE-ID: CWE-321

Exploitation vector: Local access

Exploit availability: No public exploit available

Vulnerable software:
IBM WebSphere Application Server Liberty

Software vendor:
IBM Corporation

Description

The vulnerability allows a local user to gain access to potentially sensitive information.

The vulnerability exists due to IBM WebSphere Application Server Liberty could provide weaker than expected security when using the Security Utility when administering security settings. A local user can gain unauthorized access to sensitive information on the system.

Remediation

Install updates from vendor's website.

External links

https://www.ibm.com/support/pages/node/7261761

#VU124875 Use of hard-coded cryptographic key in IBM WebSphere Application Server Liberty - CVE-2025-14923

Description

Remediation

External links

Please verify you're human