Unauthorized Modifications in IBM Verify Identity Access and Security Verify Access
CVE-2026-4938
6.5MEDIUM
Key Information:
- Vendor
IBM
- Status
- Vendor
- CVE Published:
- 17 July 2026
What is CVE-2026-4938?
A vulnerability exists in IBM Verify Identity Access and IBM Security Verify Access that allows attackers with read-only privileges to perform unauthorized modifications and deployments. This issue arises from improper access control mechanisms that fail to restrict certain actions outside the user's assigned permissions. As a result, this can lead to potentially serious security implications if exploited.
Affected Version(s)
Security Verify Access 10.0 <= 10.0.9.1
Security Verify Access Container 10.0 <= 10.0.9.1
Verify Identity Access 11.0 <= 11.0.2