Verify Identity Access CVEs and Security Vulnerabilities

Search

Use the Query Builder to create your own search query, or check out the documentation to learn the search syntax.

Search Examples

CVEs in KEV CVEs with EPSS >= 80% Crit. Microsoft High Apache SQL Injection (CWE-89) Linux Kernel High (CVSS 3.1) Apache Struts RCE (Remote Code Execution) XSS (CWE-79) Critical (CVSS 4.0) CVEs to check

Search Results (7 CVEs found)

CVE	Vendors	Products	Updated	CVSS v3.1
CVE-2025-36087	1 Ibm	3 Security Verify Access, Security Verify Access Docker, Verify Identity Access	2025-10-20	8.1 High
IBM Security Verify Access 10.0.0 through 10.0.9, 11.0.0, IBM Verify Identity Access Container 10.0.0 through 10.0.9, and 11.0.0, under certain configurations, contains hard-coded credentials, such as a password or cryptographic key, which it uses for its own inbound authentication, outbound communication to external components, or encryption of internal data.
CVE-2024-56343	1 Ibm	2 Security Verify Access, Verify Identity Access Digital Credentials	2025-08-24	4.3 Medium
IBM Verify Identity Access Digital Credentials 24.06 could allow an authenticated user to crash the service with a specially crafted POST request.
CVE-2024-56342	1 Ibm	2 Security Verify Access, Verify Identity Access Digital Credentials	2025-08-24	4.3 Medium
IBM Verify Identity Access Digital Credentials 24.06 could allow a remote attacker to obtain sensitive information when a detailed technical error message is returned in the browser. This information could be used in further attacks against the system.
CVE-2024-45657	1 Ibm	2 Security Verify Access, Verify Identity Access	2025-08-05	5 Medium
IBM Security Verify Access Appliance and Container 10.0.0 through 10.0.8 could allow a local privileged user to perform unauthorized actions due to incorrect permissions assignment.
CVE-2024-43187	1 Ibm	2 Security Verify Access, Verify Identity Access	2025-08-05	5.9 Medium
IBM Security Verify Access Appliance and Container 10.0.0 through 10.0.8 transmits sensitive or security-critical data in cleartext in a communication channel that can be sniffed by unauthorized actors.
CVE-2024-40700	1 Ibm	2 Security Verify Access, Verify Identity Access	2025-08-05	6.1 Medium
IBM Security Verify Access Appliance and Container 10.0.0 through 10.0.8 is vulnerable to cross-site scripting. This vulnerability allows an unauthenticated attacker to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session.
CVE-2024-45659	1 Ibm	2 Security Verify Access, Verify Identity Access	2025-08-05	5.3 Medium
IBM Security Verify Access Appliance and Container 10.0.0 through 10.0.8 could allow a remote attacker to obtain sensitive information when a detailed technical error message is returned. This information could be used in further attacks against the system.

Page 1 of 1.