IBM Security Access Manager Container unauthorized access
Description
IBM Security Access Manager Container (IBM Security Verify Access Appliance 10.0.0.0 through 10.0.6.1 and IBM Security Verify Access Docker 10.0.0.0 through 10.0.6.1) could allow a remote user to log into the server due to a user account with an empty password. IBM X-Force ID: 266154.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
IBM Security Verify Access Container has a user account with an empty password, allowing remote attackers to log in without authentication.
Vulnerability
IBM Security Access Manager Container (IBM Security Verify Access Appliance 10.0.0.0 through 10.0.6.1 and IBM Security Verify Access Docker 10.0.0.0 through 10.0.6.1) contains a user account with an empty password, allowing remote login without authentication [1].
Exploitation
A remote attacker can connect to the server and authenticate using the account with an empty password. No prior credentials or user interaction are required [1].
Impact
Successful exploitation grants the attacker unauthorized access to the system with the privileges of that user account, leading to potential information disclosure or further compromise [1].
Mitigation
IBM has addressed this vulnerability in a security update. Users should upgrade to a fixed version as specified in the IBM Security Verify Access security bulletin [1].
AI Insight generated on May 25, 2026. Synthesized from this CVE's description and the cited reference URLs; citations are validated against the source bundle.
Affected products
4>=10.0.0.0 <=10.0.6.1+ 2 more
- (no CPE)range: >=10.0.0.0 <=10.0.6.1
- (no CPE)range: 10.0.0.0
- (no CPE)range: 10.0.0.0
- Range: >=10.0.0.0 <=10.0.6.1
Patches
0No patches discovered yet.
Vulnerability mechanics
AI mechanics synthesis has not run for this CVE yet.
References
2- www.ibm.com/support/pages/node/7106586mitrevendor-advisory
- exchange.xforce.ibmcloud.com/vulnerabilities/266154mitrevdb-entry
News mentions
0No linked articles in our index yet.