IBM Security Verify Access Appliance 10.0.0.0 through 10.0.0.9 and 11.0.0.0 could allow a local user to execute arbitrary code due to improper restrictions on code generation.
Fixes

Solution

No solution given by the vendor.


Workaround

No workaround given by the vendor.

History

Fri, 08 Aug 2025 19:45:00 +0000

Type Values Removed Values Added
First Time appeared Ibm
Ibm security Verify Access
CPEs cpe:2.3:a:ibm:security_verify_access:*:*:*:*:*:*:*:*
cpe:2.3:a:ibm:security_verify_access:11.0.0:*:*:*:*:*:*:*
Vendors & Products Ibm
Ibm security Verify Access

Thu, 20 Feb 2025 17:15:00 +0000

Type Values Removed Values Added
Metrics ssvc

{'options': {'Automatable': 'no', 'Exploitation': 'none', 'Technical Impact': 'total'}, 'version': '2.0.3'}


Thu, 20 Feb 2025 16:15:00 +0000

Type Values Removed Values Added
Description IBM Security Verify Access Appliance 10.0.0.0 through 10.0.0.9 and 11.0.0.0 could allow a local user to execute arbitrary code due to improper restrictions on code generation.
Title IBM Security Verify Access Appliance code injection
Weaknesses CWE-94
References
Metrics cvssV3_1

{'score': 7.8, 'vector': 'CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H'}


cve-icon MITRE

Status: PUBLISHED

Assigner: ibm

Published:

Updated: 2025-08-11T16:53:22.730Z

Reserved: 2024-12-31T19:09:12.900Z

Link: CVE-2025-0161

cve-icon Vulnrichment

Updated: 2025-02-20T16:22:57.869Z

cve-icon NVD

Status : Analyzed

Published: 2025-02-20T16:15:36.333

Modified: 2025-08-08T19:42:26.290

Link: CVE-2025-0161

cve-icon Redhat

No data.

cve-icon OpenCVE Enrichment

No data.