IBM Security Verify Access command execution_CVE-2025-36354

7.3 / 10

HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L

Description

IBM Security Verify Access and IBM Security Verify Access Docker 10.0.0.0 through 10.0.9.0 and 11.0.0.0 through 11.0.1.0

could allow an unauthenticated user to execute arbitrary commands with lower user privileges on the system due to improper validation of user supplied input.

Basic Information

ID CVE-2025-36354

Source ibm

Published Oct 6, 2025 at 16:53

Affected Product

Vendor IBM

Product Security Verify Access Appliance

Version 10.0.0.0

Affected Versions IBM Security Verify Access Appliance 10.0.0.0
IBM Security Verify Access Appliance 11.0.0.0
IBM Security Verify Access Docker 10.0.0.0
IBM Security Verify Access Docker 11.0.0.0

CWE Classification

CWE-78

References

www.ibm.com /support/pages/node/7247215

{
    "lastseen": "",
    "description": "IBM Security Verify Access and IBM Security Verify Access Docker 10.0.0.0 through 10.0.9.0 and 11.0.0.0 through 11.0.1.0 \n\n\n\ncould allow an unauthenticated user to execute arbitrary commands with lower user privileges on the system due to improper validation of user supplied input.",
    "published": "2025-10-06T16:53:43.179Z",
    "modified": "2025-10-06T16:53:43.179Z",
    "type": "cve",
    "title": "IBM Security Verify Access command execution",
    "source": "ibm",
    "references": "https://www.ibm.com/support/pages/node/7247215",
    "id": "CVE-2025-36354",
    "bulletinFamily": "",
    "cwe": [
        "CWE-78"
    ],
    "cvelist": null,
    "sourceData": "IBM Security Verify Access Appliance 10.0.0.0\nIBM Security Verify Access Appliance 11.0.0.0\nIBM Security Verify Access Docker 10.0.0.0\nIBM Security Verify Access Docker 11.0.0.0",
    "sourceHref": "",
    "cvss": {
        "score": 7.3,
        "severity": "HIGH",
        "vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L",
        "version": "3.1"
    },
    "cvss2": [],
    "cvss3": {
        "version": "",
        "vectorString": "",
        "baseScore": 0,
        "baseSeverity": "",
        "attackVector": "",
        "attackComplexity": "",
        "privilegesRequired": "",
        "userInteraction": "",
        "scope": "",
        "confidentialityImpact": "",
        "integrityImpact": "",
        "availabilityImpact": "",
        "cvssV3": {
            "version": "",
            "vectorString": "",
            "baseScore": 0,
            "baseSeverity": "",
            "attackVector": "",
            "attackComplexity": "",
            "privilegesRequired": "",
            "userInteraction": "",
            "scope": "",
            "confidentialityImpact": "",
            "integrityImpact": "",
            "availabilityImpact": ""
        }
    },
    "href": "",
    "category_name": "CVE",
    "post_link": "",
    "product": "Security Verify Access Appliance",
    "version": "10.0.0.0",
    "vendor": "IBM",
    "ai_description": "",
    "ai_severity": "",
    "ai_vendor": "",
    "ai_product": "",
    "ai_version": "",
    "ai_score": 0
}