Open Redirect Vulnerability in IBM Verify Identity Access and Security Verify Access Products
CVE-2026-7364

3.1LOW

What is CVE-2026-7364?

An open redirect vulnerability in IBM Verify Identity Access and IBM Security Verify Access products could enable remote attackers to conduct phishing attacks. By crafting a specially designed request, attackers might redirect users to arbitrary websites, potentially compromising user credentials or sensitive information. This vulnerability impacts several versions, emphasizing the need for immediate review and application of available security patches.

Affected Version(s)

Security Verify Access 10.0 <= 10.0.9.1

Security Verify Access Container 10.0 <= 10.0.9.1

Verify Identity Access 11.0 <= 11.0.2

References

CVSS V3.1

Score:
3.1
Severity:
LOW
Confidentiality:
Low
Integrity:
None
Availability:
Low
Attack Vector:
Network
Attack Complexity:
High
Privileges Required:
None
User Interaction:
Required
Scope:
Unchanged

Timeline

  • Vulnerability published

  • Vulnerability Reserved

.