VYPR

IBM Security Verify Access Docker

by IBM

CVEs (31)

  • CVE-2025-36356CriOct 6, 2025
    risk 0.60cvss 9.3epss 0.00

    IBM Security Verify Access and IBM Security Verify Access Docker 10.0.0.0 through 10.0.9.0 and 11.0.0.0 through 11.0.1.0 could allow a locally authenticated user to escalate their privileges to root due to execution with more privileges than required.

  • CVE-2025-36355HigOct 6, 2025
    risk 0.55cvss 8.5epss 0.00

    IBM Security Verify Access and IBM Security Verify Access Docker 10.0.0.0 through 10.0.9.0 and 11.0.0.0 through 11.0.1.0 could allow a locally authenticated user to execute malicious scripts from outside of its control sphere.

  • CVE-2024-35142HigMay 31, 2024
    risk 0.55cvss 8.4epss 0.00

    IBM Security Verify Access Docker 10.0.0 through 10.0.6 could allow a local user to escalate their privileges due to execution of unnecessary privileges. IBM X-Force ID: 292418.

  • CVE-2023-31003HigJan 11, 2024
    risk 0.55cvss 8.4epss 0.00

    IBM Security Access Manager Container (IBM Security Verify Access Appliance 10.0.0.0 through 10.0.6.1 and IBM Security Verify Access Docker 10.0.6.1) could allow a local user to obtain root access due to improper access controls. IBM X-Force ID: 254658.

  • CVE-2023-31004HigFeb 3, 2024
    risk 0.54cvss 8.3epss 0.01

    IBM Security Access Manager Container (IBM Security Verify Access Appliance 10.0.0.0 through 10.0.6.1 and IBM Security Verify Access Docker 10.0.0.0 through 10.0.6.1) could allow a remote attacker to gain access to the underlying system using man in the middle techniques. IBM…

  • CVE-2021-29742HigJul 15, 2021
    risk 0.52cvss 8.0epss 0.00

    IBM Security Verify Access Docker 10.0.0 could allow a user to impersonate another user on the system. IBM X-Force ID: 201483.

  • CVE-2024-35141HigDec 19, 2024
    risk 0.51cvss 7.8epss 0.00

    IBM Security Verify Access Docker 10.0.0 through 10.0.6 could allow a local user to escalate their privileges due to execution of unnecessary privileges.

  • CVE-2024-35140HigMay 31, 2024
    risk 0.50cvss 7.7epss 0.00

    IBM Security Verify Access Docker 10.0.0 through 10.0.6 could allow a local user to escalate their privileges due to improper certificate validation. IBM X-Force ID: 292416.

  • CVE-2023-30999HigFeb 3, 2024
    risk 0.49cvss 7.5epss 0.01

    IBM Security Access Manager Container (IBM Security Verify Access Appliance 10.0.0.0 through 10.0.6.1 and IBM Security Verify Access Docker 10.0.0.0 through 10.0.6.1) could allow an attacker to cause a denial of service due to uncontrolled resource consumption. IBM X-Force ID: …

  • CVE-2021-20497HigJul 15, 2021
    risk 0.49cvss 7.5epss 0.01

    IBM Security Verify Access Docker 10.0.0 uses weaker than expected cryptographic algorithms that could allow an attacker to decrypt highly sensitive information. IBM X-Force ID: 197969

  • CVE-2021-20439HigJul 15, 2021
    risk 0.49cvss 7.5epss 0.01

    IBM Security Access Manager 9.0 and IBM Security Verify Access Docker 10.0.0 stores user credentials in plain clear text which can be read by an unauthorized user.

  • CVE-2023-43016HigFeb 3, 2024
    risk 0.48cvss 7.3epss 0.01

    IBM Security Access Manager Container (IBM Security Verify Access Appliance 10.0.0.0 through 10.0.6.1 and IBM Security Verify Access Docker 10.0.0.0 through 10.0.6.1) could allow a remote user to log into the server due to a user account with an empty password. IBM X-Force ID: …

  • CVE-2025-36354HigOct 6, 2025
    risk 0.47cvss 7.3epss 0.00

    IBM Security Verify Access and IBM Security Verify Access Docker 10.0.0.0 through 10.0.9.0 and 11.0.0.0 through 11.0.1.0 could allow an unauthenticated user to execute arbitrary commands with lower user privileges on the system due to improper validation of user supplied…

  • CVE-2021-20533HigJul 15, 2021
    risk 0.47cvss 7.2epss 0.02

    IBM Security Verify Access Docker 10.0.0 could allow a remote authenticated attacker to execute arbitrary commands on the system by sending a specially crafted request. IBM X-Force ID: 198813

  • CVE-2023-32327HigFeb 3, 2024
    risk 0.46cvss 7.1epss 0.01

    IBM Security Access Manager Container (IBM Security Verify Access Appliance 10.0.0.0 through 10.0.6.1 and IBM Security Verify Access Docker 10.0.0.0 through 10.0.6.1) is vulnerable to an XML External Entity Injection (XXE) attack when processing XML data. A remote attacker could…

  • CVE-2021-29699MedJul 15, 2021
    risk 0.44cvss 6.8epss 0.01

    IBM Security Verify Access Docker 10.0.0 could allow a remote priviled user to upload arbitrary files with a dangerous file type that could be excuted by an user. IBM X-Force ID: 200600.

  • CVE-2023-31006MedFeb 3, 2024
    risk 0.42cvss 6.5epss 0.01

    IBM Security Access Manager Container (IBM Security Verify Access Appliance 10.0.0.0 through 10.0.6.1 and IBM Security Verify Access Docker 10.0.0.0 through 10.0.6.1) is vulnerable to a denial of service attacks on the DSC server. IBM X-Force ID: 254776.

  • CVE-2021-20537MedJul 15, 2021
    risk 0.42cvss 6.5epss 0.01

    IBM Security Verify Access Docker 10.0.0 contains hard-coded credentials, such as a password or cryptographic key, which it uses for its own inbound authentication, outbound communication to external components, or encryption of internal data. IBM X-Force ID:198918

  • CVE-2023-32329MedFeb 3, 2024
    risk 0.40cvss 6.2epss 0.00

    IBM Security Access Manager Container (IBM Security Verify Access Appliance 10.0.0.0 through 10.0.6.1 and IBM Security Verify Access Docker 10.0.0.0 through 10.0.6.1) could allow a user to download files from an incorrect repository due to improper file validation. IBM X-Force…

  • CVE-2023-31005MedFeb 3, 2024
    risk 0.40cvss 6.2epss 0.00

    IBM Security Access Manager Container (IBM Security Verify Access Appliance 10.0.0.0 through 10.0.6.1 and IBM Security Verify Access Docker 10.0.0.0 through 10.0.6.1) could allow a local user to escalate their privileges due to an improper security configuration. IBM X-Force…

Page 1 of 2