CVE-2025-14150

Summary

IBM webMethods Integration (on prem) - Integration Server 10.15 through IS_10.15_Core_Fix2411.1 to IS_11.1_Core_Fix8 IBM webMethods Integration could disclose sensitive user information in server responses.

Affected Software

VendorProductVersion RangeStatus
IBMwebMethods Integration (on prem) - Integration Server10.15 <= IS_10.15_Core_Fix2411.1 to IS_11.1_Core_Fix8affected

Weaknesses

  • CWE-497: CWE-497 Exposure of Sensitive System Information to an Unauthorized Control Sphere

ADP Enrichment

CISA ADP Vulnrichment

  • SSVC:
  • Exploitation: none
    • Automatable: no
    • Technical Impact: partial

References