Vulnerability Details CVE-2025-14290
IBM webMethods Integration (on prem) -Integration Server 10.15 through IS_10.15_Core_Fix2611.1 to IS_11.1_Core_Fix10 IBM webMethods Integration is vulnerable to server-side request forgery (SSRF). This may allow an authenticated attacker to send unauthorized requests from the system, potentially leading to network enumeration or facilitating other attacks.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.0
EPSS Ranking 8.0%
CVSS Severity
CVSS v3 Score 5.4
Products affected by CVE-2025-14290
-
cpe:2.3:a:ibm:webmethods_integration_server:10.15.0
-
cpe:2.3:a:ibm:webmethods_integration_server:11.1.0