vulnerability
IBM WebSphere Application Server: CVE-2024-37532: IBM WebSphere Application Server is vulnerable to identity spoofing (CVE-2024-37532)
| Severity | CVSS | Published | Added | Modified |
|---|---|---|---|---|
| 9 | (AV:N/AC:L/Au:S/C:C/I:C/A:C) | Jun 20, 2024 | Jun 20, 2024 | Jun 23, 2026 |
Severity
9
CVSS
(AV:N/AC:L/Au:S/C:C/I:C/A:C)
Published
Jun 20, 2024
Added
Jun 20, 2024
Modified
Jun 23, 2026
Description
IBM WebSphere Application Server 8.5 and 9.0 is vulnerable to identity spoofing by an authenticated user due to improper signature validation.
Solution
ibm-was-upgrade-latest
Rapid7 Labs
2026 Global Threat Landscape Report
The predictive window has collapsed. Exploitation follows disclosure in days. See how attackers are accelerating and how to stay ahead.