CVE-2026-8644

Summary

IBM WebSphere Application Server 9.0, and 8.5 is vulnerable to identity spoofing.

Affected Software

VendorProductVersion RangeStatus
IBMWebSphere Application Server9.0 <= 1.1.9.12affected
IBMWebSphere Application Server8.5affected

Weaknesses

  • CWE-290: CWE-290 Authentication Bypass by Spoofing

ADP Enrichment

CISA ADP Vulnrichment

  • SSVC:
  • Exploitation: none
    • Automatable: yes
    • Technical Impact: partial

References