PT-2026-27496 · Ibm · Ibm Websphere Application Server Liberty
Published
2026-03-24
·
Updated
2026-03-25
·
CVE-2026-1561
CVSS v3.1
5.4
Medium
| Vector | AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N |
Name of the Vulnerable Software and Affected Versions
IBM WebSphere Application Server Liberty versions 17.0.0.3 through 26.0.0.3
Description
IBM WebSphere Application Server Liberty is susceptible to server-side request forgery (SSRF). This condition could enable a remote attacker to submit unauthorized requests from the system. Successful exploitation may lead to network enumeration or enable further attacks. The vulnerability involves the ability to make requests from the server itself, potentially accessing internal resources or external systems on behalf of the attacker.
Recommendations
Update IBM WebSphere Application Server Liberty to a version beyond 26.0.0.3.
Fix
SSRF
Found an issue in the description? Have something to add? Feel free to write us 👾
Weakness Enumeration
Related Identifiers
Affected Products
Ibm Websphere Application Server Liberty