PH68976:IBM WebSphere Application Server could provide weaker than expected security (CVE-2025-13333 CVSS 4.4)

Download

Downloadable File

File link	File size	File description

Abstract

IBM WebSphere Application Server could provide weaker than expected security (CVE-2025-13333 CVSS 4.4)

Download Description

View the Security Bulletin

PH68976 resolves the following problem:

ERROR DESCRIPTION:
Confidential for Security Integrity interim fix CVE-2025-13333.

PROBLEM SUMMARY:
Confidential for Security Integrity interim fix CVE-2025-13333.

PROBLEM CONCLUSION:
Confidential for CVE-2025-13333.

After this fix is installed, the following command must be run on cells that have aes-256 encrypted passwords to create a new 256-bit key and re-encrypt all passwords with the new key:

AdminTask.regenPasswordEncryptionKey()

The fix for this APAR is targeted for inclusion in 8.5.5.30 and 9.0.5.27.

For more information, see Recommended Updates for WebSphere Application Server: https://www.ibm.com/support/pages/node/715553.

Prerequisites

None

Download Package

IMPORTANT NOTE:	WebSphere Application Server and Liberty fix access requires S&S Entitlement beginning in 2021. Use properly registered IDs to download the fixes in this table. Signature file is provided along with interim fix. See Verifying WebSphere Application Server release packages and Verifying Liberty release packages.

IBM Installation Manager packages

DOWNLOAD	RELEASE DATE		URL
9.0.5.24-WS-WAS-IFPH68976	05 February 2026		FC
8.5.5.28-WS-WAS-IFPH68976	05 February 2026		FC

Note: FC stands for Fix Central. Review the What is Fix Central (FC)? FAQs for more details.

Problems Solved

PH68976

Technical Support

Contact IBM Support at https://www.ibm.com/mysupport/ or 1-800-IBM-SERV (US only).

Document Location

Worldwide

[{"Business Unit":{"code":"BU048","label":"IBM Software"},"Product":{"code":"SSEQTP","label":"WebSphere Application Server"},"Component":"General","Platform":[{"code":"PF002","label":"AIX"},{"code":"PF010","label":"HP-UX"},{"code":"PF012","label":"IBM i"},{"code":"PF016","label":"Linux"},{"code":"PF027","label":"Solaris"},{"code":"PF033","label":"Windows"},{"code":"PF035","label":"z\/OS"}],"Version":"8.5.5.28;8.5.5.29;9.0.5.24;9.0.5.25;9.0.5.26","Edition":"Base","Line of Business":{"code":"LOB77","label":"Automation Platform"}}]

Problems (APARS) fixed
PH68976

Was this topic helpful?

Document Information

Modified date:
11 February 2026

UID

ibm17260117

Tips