CVE-2025-36355
published 2025-10-06CVE-2025-36355: IBM Security Verify Access and IBM Security Verify Access Docker 10.0.0.0 through 10.0.9.0 and 11.0.0.0 through 11.0.1.0 could allow a locally authenticated…
high8.5CVSS 3.1
AVLACLPRNUINSCCHILAL
IBM Security Verify Access and IBM Security Verify Access Docker 10.0.0.0 through 10.0.9.0 and 11.0.0.0 through 11.0.1.0
could allow a locally authenticated user to execute malicious scripts from outside of its control sphere.
Affected
12 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| ibm | security_verify_access | — | — |
| ibm | security_verify_access | >= 10.0.0.0 < 10.0.9.0 | 10.0.9.0 |
| ibm | security_verify_access_appliance | 10.0.0.0 – 10.0.9.0 IF2 | — |
| ibm | security_verify_access_appliance | 11.0.0.0 – 11.0.1.0 | — |
| ibm | security_verify_access_docker | — | — |
| ibm | security_verify_access_docker | >= 10.0.0.0 < 10.0.9.0 | 10.0.9.0 |
| ibm | security_verify_access_docker | 10.0.0.0 – 10.0.9.0 IF2 | — |
| ibm | security_verify_access_docker | 11.0.0.0 – 11.0.1.0 | — |
| ibm | verify_identity_access | — | — |
| ibm | verify_identity_access | >= 11.0.0.0 < 11.0.1.0 | 11.0.1.0 |
| ibm | verify_identity_access_docker | — | — |
| ibm | verify_identity_access_docker | >= 11.0.0.0 < 11.0.1.0 | 11.0.1.0 |