Vulnerability Database

317,182

Total vulnerabilities in the database

CVE-2023-35890

IBM WebSphere Application Server 8.5 and 9.0 could provide weaker than expected security, caused by the improper encoding in a local configuration file. IBM X-Force ID: 258637.

Published: Jul 7, 2023
Updated: Nov 16, 2025
CVE: CVE-2023-35890
Severity: Medium
Exploit:

CVSS v3:

Severity: Medium
Score: 5.1
AV:L/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N

CWEs:

CWE-327

OWASP TOP 10:

A3 - Sensitive Data Exposure

Affected Software
References

Software	From	Fixed in
ibm / websphere_application_server	9.0.5.16	9.0.5.16.x
ibm / websphere_application_server	9.0.5.15	9.0.5.15.x
ibm / websphere_application_server	8.5.5.23	8.5.5.23.x

https://https://www.ibm.com/support/pages/node/7007857
https://www.ibm.com/support/pages/node/7007857

Deep Security Visibility Without the Complexity

SynScan provides clear, real-time security insights so you can monitor your attack surface, spot risks early, and act fast—without extra complexity.

No setup fees
5-min deployment
Cancel anytime

Book a Demo