Improper Input Validation in IBM Security Verify Access Affects User Command Execution
CVE-2025-36354
7.3HIGH
Key Information:
- Vendor
IBM
- Vendor
- CVE Published:
- 6 October 2025
What is CVE-2025-36354?
IBM Security Verify Access and its Docker version contain a vulnerability that may allow an unauthenticated user to execute arbitrary commands with limited user privileges. This issue arises from insufficient validation of user-supplied input, making the affected systems potentially exploitable if not addressed with proper patches.
Affected Version(s)
Security Verify Access Appliance 10.0.0.0 <= 10.0.9.0 IF2
Security Verify Access Appliance 11.0.0.0 <= 11.0.1.0
Security Verify Access Docker 10.0.0.0 <= 10.0.9.0 IF2