Local Command Execution Vulnerability in IBM Security Verify Directory Container
CVE-2025-1411

7.8HIGH

Key Information:

Vendor: IBM
Status: IBM Security Verify Directory Container
Vendor: CVE Published:; 15 June 2025

What is CVE-2025-1411?

A local command execution vulnerability in IBM Security Verify Directory Container versions 10.0.0.0 through 10.0.3.1 may allow a local attacker to execute commands with elevated privileges. This occurs due to the application running with unnecessary permissions, potentially enabling unauthorized command execution as the root user. Organizations using affected versions should promptly evaluate their security posture and implement necessary mitigations to safeguard against potential exploitation.

References

https://www.ibm.com/support/pages/node/7236658

CVSS V3.1

Score:

7.8

Severity:

HIGH

Confidentiality:

High

Integrity:

High

Availability:

High

Attack Vector:

Local

Attack Complexity:

Low

Privileges Required:

Low

User Interaction:

None

Scope:

Unchanged

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Jun 15, 2025