IBM Security Verify Access code execution_CVE-2025-36355

8.5 / 10

HIGH

CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:C/C:H/I:L/A:L

Description

IBM Security Verify Access and IBM Security Verify Access Docker 10.0.0.0 through 10.0.9.0 and 11.0.0.0 through 11.0.1.0

could allow a locally authenticated user to execute malicious scripts from outside of its control sphere.

Basic Information

ID CVE-2025-36355

Source ibm

Published Oct 6, 2025 at 16:52

Affected Product

Vendor IBM

Product Security Verify Access Appliance

Version 10.0.0.0

Affected Versions IBM Security Verify Access Appliance 10.0.0.0
IBM Security Verify Access Appliance 11.0.0.0
IBM Security Verify Access Docker 10.0.0.0
IBM Security Verify Access Docker 11.0.0.0

CWE Classification

CWE-829

References

www.ibm.com /support/pages/node/7247215

{
    "lastseen": "",
    "description": "IBM Security Verify Access and IBM Security Verify Access Docker 10.0.0.0 through 10.0.9.0 and 11.0.0.0 through 11.0.1.0 \n\ncould allow a locally authenticated user to execute malicious scripts from outside of its control sphere.",
    "published": "2025-10-06T16:52:30.705Z",
    "modified": "2025-10-06T16:52:30.705Z",
    "type": "cve",
    "title": "IBM Security Verify Access code execution",
    "source": "ibm",
    "references": "https://www.ibm.com/support/pages/node/7247215",
    "id": "CVE-2025-36355",
    "bulletinFamily": "",
    "cwe": [
        "CWE-829"
    ],
    "cvelist": null,
    "sourceData": "IBM Security Verify Access Appliance 10.0.0.0\nIBM Security Verify Access Appliance 11.0.0.0\nIBM Security Verify Access Docker 10.0.0.0\nIBM Security Verify Access Docker 11.0.0.0",
    "sourceHref": "",
    "cvss": {
        "score": 8.5,
        "severity": "HIGH",
        "vector": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:C/C:H/I:L/A:L",
        "version": "3.1"
    },
    "cvss2": [],
    "cvss3": {
        "version": "",
        "vectorString": "",
        "baseScore": 0,
        "baseSeverity": "",
        "attackVector": "",
        "attackComplexity": "",
        "privilegesRequired": "",
        "userInteraction": "",
        "scope": "",
        "confidentialityImpact": "",
        "integrityImpact": "",
        "availabilityImpact": "",
        "cvssV3": {
            "version": "",
            "vectorString": "",
            "baseScore": 0,
            "baseSeverity": "",
            "attackVector": "",
            "attackComplexity": "",
            "privilegesRequired": "",
            "userInteraction": "",
            "scope": "",
            "confidentialityImpact": "",
            "integrityImpact": "",
            "availabilityImpact": ""
        }
    },
    "href": "",
    "category_name": "CVE",
    "post_link": "",
    "product": "Security Verify Access Appliance",
    "version": "10.0.0.0",
    "vendor": "IBM",
    "ai_description": "",
    "ai_severity": "",
    "ai_vendor": "",
    "ai_product": "",
    "ai_version": "",
    "ai_score": 0
}