What is CVE-2025-14923?

CVE-2025-14923 is a medium-severity vulnerability in Ibm Websphere Application Server - Liberty, classified under Use of Hard-coded Cryptographic Key. CVSS score: 4.7/10. Published 2026-03-03.

How severe is CVE-2025-14923?

Medium severity. CVSS v3 base score is 4.7 out of 10.

Vulnerability in Ibm Websphere Application Server - Liberty

CVE-2025-14923

IBM WebSphere Application Server - Liberty 17.0.0.3 through 26.0.0.2 IBM WebSphere Application Server Liberty could provide weaker than expected security when using the Security Utility when administering security settings.

EPSS: 0.000 (10.8th percentile) — read the EPSS interpretation.

CVSS v3 metric

CVSS v3 base score 4.7 (Medium). Vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N.

Affected products

Ibm Websphere Application Server - Liberty — versions 17.0.0.3

Weakness classification (CWE)

CWE-321 — Use of Hard-coded Cryptographic Key

References

www.ibm.com/support/pages/node/7261761 (vendor-advisory, patch)

Frequently asked questions

What is CVE-2025-14923?: CVE-2025-14923 is a medium-severity vulnerability in Ibm Websphere Application Server - Liberty, classified under Use of Hard-coded Cryptographic Key. CVSS score: 4.7/10. Published 2026-03-03.
How severe is CVE-2025-14923?: Medium severity. CVSS v3 base score is 4.7 out of 10.