Unrated severityNVD Advisory· Published Dec 18, 2014· Updated Jun 17, 2026
CVE-2014-8890
CVE-2014-8890
Description
IBM WebSphere Application Server Liberty Profile 8.5.x before 8.5.5.4 allows remote attackers to gain privileges by leveraging the combination of a servlet's deployment descriptor security constraints and ServletSecurity annotations.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
8cpe:2.3:a:ibm:websphere_application_server:8.5.0.0:*:*:*:*:*:*:*+ 6 more
- cpe:2.3:a:ibm:websphere_application_server:8.5.0.0:*:*:*:*:*:*:*
- cpe:2.3:a:ibm:websphere_application_server:8.5.0.1:*:*:*:*:*:*:*
- cpe:2.3:a:ibm:websphere_application_server:8.5.0.2:*:*:*:*:*:*:*
- cpe:2.3:a:ibm:websphere_application_server:8.5.5.0:*:*:*:*:*:*:*
- cpe:2.3:a:ibm:websphere_application_server:8.5.5.1:*:*:*:*:*:*:*
- cpe:2.3:a:ibm:websphere_application_server:8.5.5.2:*:*:*:*:*:*:*
- cpe:2.3:a:ibm:websphere_application_server:8.5.5.3:*:*:*:*:*:*:*
- Range: <8.5.5.4
Patches
Vulnerability mechanics
References
6News mentions
0No linked articles in our index yet.