CVE-2026-10852 - Vulnerability Details - OpenCVE

IBM i 7.6, 7.5, 7.4, and 7.3, IBM WebSphere Application Server, and IBM WebSphere Application Server Liberty are vulnerable to denial of service in the WebSphere WebServer Plug-in component when an attacker can pass crafted requests to the web server.

No CVSS v4.0

Attack Vector Network

Attack Complexity High

Privileges Required None

Scope Unchanged

Confidentiality Impact None

Integrity Impact None

Availability Impact High

User Interaction None

No CVSS v3.0

No CVSS v2

This CVE is not in the KEV list.

No EPSS score available.

Key SSVC decision points have not yet been added.

Vendors	Products
Ibm	I

No data.

No data.

No data.

References

Link	Providers
https://www.ibm.com/support/pages/node/7277344

History

Mon, 22 Jun 2026 20:00:00 +0000

Type	Values Removed	Values Added
Description		IBM i 7.6, 7.5, 7.4, and 7.3, IBM WebSphere Application Server, and IBM WebSphere Application Server Liberty are vulnerable to denial of service in the WebSphere WebServer Plug-in component when an attacker can pass crafted requests to the web server.
Title		IBM i is Affected By a Denial of Service in IBM WebSphere Application Server Liberty
First Time appeared		Ibm Ibm i
Weaknesses		CWE-476
CPEs		cpe:2.3:a:ibm:i:7.3.0:::::::* cpe:2.3:a:ibm:i:7.3:::::::* cpe:2.3:a:ibm:i:7.4.0:::::::* cpe:2.3:a:ibm:i:7.4:::::::* cpe:2.3:a:ibm:i:7.5.0:::::::* cpe:2.3:a:ibm:i:7.5:::::::* cpe:2.3:a:ibm:i:7.6.0:::::::* cpe:2.3:a:ibm:i:7.6:::::::*
Vendors & Products		Ibm Ibm i
References		https://www.ibm.com/support/pages/node/7277344
Metrics		cvssV3_1 `{'score': 5.9, 'vector': 'CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H'}`

MITRE

Status: PUBLISHED

Assigner: ibm

Published: 2026-06-22T19:32:28.668Z

Updated: 2026-06-22T19:34:00.491Z

Reserved: 2026-06-04T12:38:07.335Z

Link: CVE-2026-10852

Vulnrichment

No data.

NVD

No data.

Redhat

No data.

OpenCVE Enrichment

No data.

{"dataType": "CVE_RECORD", "dataVersion": "5.2", "cveMetadata": {"cveId": "CVE-2026-10852", "assignerOrgId": "9a959283-ebb5-44b6-b705-dcc2bbced522", "state": "PUBLISHED", "assignerShortName": "ibm", "dateReserved": "2026-06-04T12:38:07.335Z", "datePublished": "2026-06-22T19:32:28.668Z", "dateUpdated": "2026-06-22T19:34:00.491Z"}, "containers": {"cna": {"providerMetadata": {"orgId": "9a959283-ebb5-44b6-b705-dcc2bbced522", "shortName": "ibm", "dateUpdated": "2026-06-22T19:34:00.491Z"}, "title": "IBM i is Affected By a Denial of Service in IBM WebSphere Application Server Liberty", "problemTypes": [{"descriptions": [{"lang": "en", "cweId": "CWE-476", "description": "CWE-476 NULL Pointer Dereference", "type": "CWE"}]}], "affected": [{"vendor": "IBM", "product": "i", "versions": [{"status": "affected", "version": "7.6"}, {"status": "affected", "version": "7.5"}, {"status": "affected", "version": "7.4"}, {"status": "affected", "version": "7.3"}], "cpes": ["cpe:2.3:a:ibm:i:7.6:*:*:*:*:*:*:*", "cpe:2.3:a:ibm:i:7.6.0:*:*:*:*:*:*:*", "cpe:2.3:a:ibm:i:7.5:*:*:*:*:*:*:*", "cpe:2.3:a:ibm:i:7.5.0:*:*:*:*:*:*:*", "cpe:2.3:a:ibm:i:7.4:*:*:*:*:*:*:*", "cpe:2.3:a:ibm:i:7.4.0:*:*:*:*:*:*:*", "cpe:2.3:a:ibm:i:7.3:*:*:*:*:*:*:*", "cpe:2.3:a:ibm:i:7.3.0:*:*:*:*:*:*:*"]}], "descriptions": [{"lang": "en", "value": "IBM i 7.6, 7.5, 7.4, and 7.3, IBM WebSphere Application Server, and IBM WebSphere Application Server Liberty are vulnerable to denial of service in the WebSphere WebServer Plug-in component when an attacker can pass crafted requests to the web server.", "supportingMedia": [{"type": "text/html", "base64": false, "value": "<p>IBM i 7.6, 7.5, 7.4, and 7.3, IBM WebSphere Application Server, and IBM WebSphere Application Server Liberty are vulnerable to denial of service in the WebSphere WebServer Plug-in component when an attacker can pass crafted requests to the web server.</p>"}]}], "references": [{"url": "https://www.ibm.com/support/pages/node/7277344", "tags": ["vendor-advisory", "patch"]}], "metrics": [{"format": "CVSS", "scenarios": [{"lang": "en", "value": "GENERAL"}], "cvssV3_1": {"version": "3.1", "attackVector": "NETWORK", "attackComplexity": "HIGH", "privilegesRequired": "NONE", "userInteraction": "NONE", "scope": "UNCHANGED", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "availabilityImpact": "HIGH", "baseSeverity": "MEDIUM", "baseScore": 5.9, "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H"}}], "solutions": [{"lang": "en", "value": "IBM strongly recommends addressing the vulnerabilities now.\n\nIBM i Release5770-SS1 Option 3\nPTF Number(s)PTF Download Link(s)7.6SJ10122 https://www.ibm.com/mysupport/s/fix-information?legacy=SJ10122 7.5SJ10121 https://www.ibm.com/mysupport/s/fix-information?legacy=SJ10121 7.4SJ10120 https://www.ibm.com/mysupport/s/fix-information?legacy=SJ10120 7.3SJ10119 https://www.ibm.com/mysupport/s/fix-information?legacy=SJ10119 \n\n\n\nIBM recommends users running unsupported versions of affected products upgrade to a supported and fixed version of affected products.", "supportingMedia": [{"type": "text/html", "base64": false, "value": "<p><strong>IBM strongly recommends addressing the vulnerabilities now.</strong></p><div><table><colgroup><col/><col/><col/></colgroup><thead><tr><td><strong>IBM i Release</strong></td><td><strong>5770-SS1 Option 3<br/>PTF Number(s)</strong></td><td><strong>PTF Download Link(s)</strong></td></tr></thead><tbody><tr><td>7.6</td><td>SJ10122</td><td><a href=\"https://www.ibm.com/mysupport/s/fix-information?legacy=SJ10122\" rel=\"noopener noreferrer nofollow\">https://www.ibm.com/mysupport/s/fix-information?legacy=SJ10122</a></td></tr><tr><td>7.5</td><td>SJ10121</td><td><a href=\"https://www.ibm.com/mysupport/s/fix-information?legacy=SJ10121\" rel=\"noopener noreferrer nofollow\">https://www.ibm.com/mysupport/s/fix-information?legacy=SJ10121</a></td></tr><tr><td>7.4</td><td>SJ10120</td><td><a href=\"https://www.ibm.com/mysupport/s/fix-information?legacy=SJ10120\" rel=\"noopener noreferrer nofollow\">https://www.ibm.com/mysupport/s/fix-information?legacy=SJ10120</a></td></tr><tr><td>7.3</td><td>SJ10119</td><td><a href=\"https://www.ibm.com/mysupport/s/fix-information?legacy=SJ10119\" rel=\"noopener noreferrer nofollow\">https://www.ibm.com/mysupport/s/fix-information?legacy=SJ10119</a></td></tr></tbody></table></div><p>IBM recommends users running unsupported versions of affected products upgrade to a supported and fixed version of affected products.</p>"}]}], "x_generator": {"engine": "ibm-cvegen"}}}}