Access Vulnerability in IBM Verify Identity and Security Access Containers
CVE-2026-1343

7.2HIGH

What is CVE-2026-1343?

An access control vulnerability exists in IBM Verify Identity Access Container and IBM Security Verify Access Container, allowing attackers to reach internal authentication endpoints. This flaw arises from insufficient restrictions enforced by the Reverse Proxy, potentially exposing sensitive information and leading to unauthorized access. Users of the impacted versions should apply the recommended patches to mitigate risks.

Affected Version(s)

Security Verify Access 10.0 <= 10.0.9.1

Security Verify Access Container 10.0 <= 10.0.9.1

Verify Identity Access 11.0 <= 11.0.2

References

CVSS V3.1

Score:
7.2
Severity:
HIGH
Confidentiality:
Low
Integrity:
Low
Availability:
Low
Attack Vector:
Network
Attack Complexity:
Low
Privileges Required:
None
User Interaction:
None
Scope:
Changed

Timeline

  • Vulnerability published

  • Vulnerability Reserved

.