CVE-2025-36356

IBM Security Verify Access and IBM Security Verify Access Docker 10.0.0.0 through 10.0.9.0 and 11.0.0.0 through 11.0.1.0 could allow a locally authenticated user to escalate their privileges to root due to execution with more privileges than required...

CVE-2023-30999

IBM Security Access Manager Container IBM Security Verify Access Appliance 10.0.0.0 through 10.0.6.1 and IBM Security Verify Access Docker 10.0.0.0 through 10.0.6.1 could allow an attacker to cause a denial of service due to uncontrolled resource consumption. IBM X-Force ID: 254651...

CVE-2024-35140

IBM Security Verify Access Docker 10.0.0 through 10.0.6 could allow a local user to escalate their privileges due to improper certificate validation. IBM X-Force ID: 292416...

Security Bulletin: Multiple Security Vulnerabilities were discovered in IBM Security Verify Access Container (CVE-2024-35140, CVE-2024-35141, CVE-2024-35142)

Summary Vulneribities were discovered during an assessment of the IBM Security Verify Access Container Product. They were addressed in the ISVA 10.0.7 release. Vulnerability Details CVEID:CVE-2024-35142 DESCRIPTION: IBM Security Verify Access could allow a local user to escalate their privileges...

PT-2024-9737 · Ibm · Ibm Security Verify Access Docker

Name of the Vulnerable Software and Affected Versions: IBM Security Verify Access Docker versions 10.0.0 through 10.0.6 Description: The issue is related to errors in privilege management in the IBM Security Verify Access Docker environment. It may allow an attacker to escalate their privileges d...

PT-2024-12256 · Ibm · Ibm Security Verify Access Appliance +1

Name of the Vulnerable Software and Affected Versions: IBM Security Verify Access Appliance versions 10.0.0.0 through 10.0.6.1 IBM Security Verify Access Docker versions 10.0.0.0 through 10.0.6.1 Description: The issue is related to denial of service attacks on the DSC server. Recommendations: Fo...

PT-2024-1725 · Ibm · Ibm Security Verify Access Appliance +1

Name of the Vulnerable Software and Affected Versions: IBM Security Verify Access Appliance versions 10.0.0.0 through 10.0.6.1 IBM Security Verify Access Docker versions 10.0.0.0 through 10.0.6.1 Description: The issue is related to the incorrect restriction of XML external entity references in t...

CVE-2023-31001 IBM Security Access Manager Container information disclosure

IBM Security Access Manager Container IBM Security Verify Access Appliance 10.0.0.0 through 10.0.6.1 and IBM Security Verify Access Docker 10.0.6.1 temporarily stores sensitive information in files that could be accessed by a local user. IBM X-Force ID: 254653...

Security Bulletin: IBM Security Verify Access fixed a security vulnerability in the product.

Summary IBM Security Verify Access with the advanced access control authentication service enabled could allow an attacker to authenticate as any user on the system. Vulnerability Details CVEID: CVE-2021-39070 DESCRIPTION: IBM Security Verify Access with the advanced access control authentication...

CVE-2021-20537

IBM Security Verify Access Docker 10.0.0 contains hard-coded credentials, such as a password or cryptographic key, which it uses for its own inbound authentication, outbound communication to external components, or encryption of internal data. IBM X-Force ID:198918...

CVE-2021-29699

IBM Security Verify Access Docker 10.0.0 could allow a remote priviled user to upload arbitrary files with a dangerous file type that could be excuted by an user. IBM X-Force ID: 200600...

CVE-2021-20533

IBM Security Verify Access Docker 10.0.0 could allow a remote authenticated attacker to execute arbitrary commands on the system by sending a specially crafted request. IBM X-Force ID: 198813...

CVE-2021-20537

IBM Security Verify Access Docker 10.0.0 contains hard-coded credentials, such as a password or cryptographic key, which it uses for its own inbound authentication, outbound communication to external components, or encryption of internal data. IBM X-Force ID:198918...

CVE-2021-20499

IBM Security Verify Access Docker 10.0.0 could allow a remote attacker to obtain sensitive information when a detailed technical error message is returned in the browser. This information could be used in further attacks against the system. IBM X-Force ID: 197973...

CVE-2021-20500

IBM Security Verify Access Docker 10.0.0 could reveal highly sensitive information to a local privileged user. IBM X-Force ID: 197980...

CVE-2021-20523

IBM Security Verify Access Docker 10.0.0 could allow a remote attacker to obtain sensitive information when a detailed technical error message is returned in the browser. This information could be used in further attacks against the system. IBM X-Force ID: 198660...

CVE-2021-20439

IBM Security Access Manager 9.0 and IBM Security Verify Access Docker 10.0.0 stores user credentials in plain clear text which can be read by an unauthorized user...

CVE-2021-20439

IBM Security Access Manager 9.0 and IBM Security Verify Access Docker 10.0.0 stores user credentials in plain clear text which can be read by an unauthorized user...

CVE-2021-20439

IBM Security Access Manager 9.0 and IBM Security Verify Access Docker 10.0.0 stores user credentials in plain clear text which can be read by an unauthorized user...