COOEY // HUBcompliance · community · intelligence

Exposures › CVE-2026-9072

CVE-2026-9072

Severity
high
Source
NVD · cve
Published
2026-06-22
CVSS
8.1
Reference
https://nvd.nist.gov/vuln/detail/CVE-2026-9072
⚡ RCE shame 40/100 rce

IBM WebSphere Application Server and IBM WebSphere Application Server Liberty - when using Intelligent Management with the WebSphere WebServer Plug-in component - are vulnerable to remote code execution and denial of service. This vulnerability can be exploited when an attacker i

Players implicated

IBM · vendori · product

Description

IBM WebSphere Application Server and IBM WebSphere Application Server Liberty - when using Intelligent Management with the WebSphere WebServer Plug-in component - are vulnerable to remote code execution and denial of service. This vulnerability can be exploited when an attacker impersonates backend servers and sends crafted responses to the plug-in.

Affected FedRAMP products 5 in the catalog

ProductProviderStatusMatch
IBM Cloud for Government IBM Authorized vendor-exact · 0.90
IBM Federal HR Cloud IBM Authorized vendor-exact · 0.90
IBM Maximo and TRIRIGA on Cloud for U.S. Federal IBM Authorized vendor-exact · 0.90
MaaS360 Enterprise Mobility Management IBM Authorized vendor-exact · 0.90
SmartCloud for Government IBM Authorized vendor-exact · 0.90