Description
IBM Verify Identity Access Container 11.0 through 11.0.2 and IBM Security Verify Access Container 10.0 through 10.0.9.1 and IBM Verify Identity Access 11.0 through 11.0.2 and IBM Security Verify Access 10.0 through 10.0.9.1 could allow a locally authenticated user to execute malicious scripts from outside of its control sphere.
Published: 2026-04-07
Score: 8.5 High
EPSS: < 1% Very Low
KEV: No
Impact: Remote Code Execution through Local Authentication
Action: Immediate Patch
AI Analysis

Impact

A locally authenticated user can execute malicious scripts from outside the system’s control sphere, effectively allowing arbitrary code execution. This vulnerability, categorized under CWE-829, could compromise confidentiality, integrity, and availability of the affected IBM Verify and Security Verify environments.

Affected Systems

IBM Verify Identity Access 11.0 through 11.0.2 and IBM Security Verify Access 10.0 through 10.0.9.1, along with their corresponding containerized editions (IBM Verify Identity Access Container 11.0–11.0.2 and IBM Security Verify Access Container 10.0–10.0.9.1).

Risk and Exploitability

The CVSS score of 8.5 indicates high severity, however the EPSS score of less than 1% suggests that exploitation is currently unlikely. The vulnerability is not listed in the CISA KEV catalog. Attackers would need local authentication against the affected services and could exploit the flaw to run arbitrary scripts from an external source, potentially leading to full system compromise.

Generated by OpenCVE AI on April 9, 2026 at 19:24 UTC.

Remediation

Vendor Solution

IBM encourages customers to update their systems promptly.   Appliance:  Affected Products and Versions Fix availability IBM Verify Identity Access 11.0 - 11.0.2 Download IBM Verify Identity Access v11.0.2 IF1 https://www.ibm.com/support/fixcentral/quickorder IBM Security Verify Access 10.0 - 10.0.9.1 Download IBM Security Verify Access v10.0.9.1 IF1 https://www.ibm.com/support/fixcentral/quickorder   Container: Container Download https://docs.verify.ibm.com/ibm-security-verify-access/docs/containers

Vendor Workaround

None None

OpenCVE Recommended Actions

  • Apply the IBM Verify Identity Access v11.0.2 IF1 patch from the IBM Fix Central download link.
  • Apply the IBM Security Verify Access v10.0.9.1 IF1 patch from the IBM Fix Central download link.
  • Update any deployed container images to the latest IBM Verify Identity Access Container and IBM Security Verify Access Container releases discovered at the provided container documentation URL.
  • Verify that no older or unpatched instances of the affected products remain in production.
  • If patching is delayed, enforce strict access controls for local user accounts to limit privilege escalation opportunities.

Generated by OpenCVE AI on April 9, 2026 at 19:24 UTC.

Tracking

Sign in to view the affected projects.

Advisories

No advisories yet.

History

Thu, 09 Apr 2026 18:30:00 +0000

Type Values Removed Values Added
CPEs cpe:2.3:a:ibm:security_verify_access:*:*:*:*:*:*:*:*
cpe:2.3:a:ibm:security_verify_access_container:*:*:*:*:*:*:*:*
cpe:2.3:a:ibm:verify_identity_access:*:*:*:*:*:*:*:*
cpe:2.3:a:ibm:verify_identity_access_container:*:*:*:*:*:*:*:*

Wed, 08 Apr 2026 15:15:00 +0000

Type Values Removed Values Added
Metrics ssvc

{'options': {'Automatable': 'no', 'Exploitation': 'none', 'Technical Impact': 'partial'}, 'version': '2.0.3'}

Tue, 07 Apr 2026 23:30:00 +0000

Type Values Removed Values Added
Description IBM Verify Identity Access Container 11.0 through 11.0.2 and IBM Security Verify Access Container 10.0 through 10.0.9.1 and IBM Verify Identity Access 11.0 through 11.0.2 and IBM Security Verify Access 10.0 through 10.0.9.1 could allow a locally authenticated user to execute malicious scripts from outside of its control sphere.
Title Security Vulnerabilities have been found in IBM Verify Identity Access and IBM Security Verify Access
First Time appeared Ibm
Ibm security Verify Access
Ibm security Verify Access Container
Ibm verify Identity Access
Ibm verify Identity Access Container
Weaknesses CWE-829
CPEs cpe:2.3:a:ibm:security_verify_access:10.0.0:*:*:*:*:*:*:*
cpe:2.3:a:ibm:security_verify_access:10.0.9.1:*:*:*:*:*:*:*
cpe:2.3:a:ibm:security_verify_access:10.0:*:*:*:*:*:*:*
cpe:2.3:a:ibm:security_verify_access_container:10.0.0:*:*:*:*:*:*:*
cpe:2.3:a:ibm:security_verify_access_container:10.0.9.1:*:*:*:*:*:*:*
cpe:2.3:a:ibm:security_verify_access_container:10.0:*:*:*:*:*:*:*
cpe:2.3:a:ibm:verify_identity_access:11.0.0:*:*:*:*:*:*:*
cpe:2.3:a:ibm:verify_identity_access:11.0.2:*:*:*:*:*:*:*
cpe:2.3:a:ibm:verify_identity_access:11.0:*:*:*:*:*:*:*
cpe:2.3:a:ibm:verify_identity_access_container:11.0.0:*:*:*:*:*:*:*
cpe:2.3:a:ibm:verify_identity_access_container:11.0.2:*:*:*:*:*:*:*
cpe:2.3:a:ibm:verify_identity_access_container:11.0:*:*:*:*:*:*:*
Vendors & Products Ibm
Ibm security Verify Access
Ibm security Verify Access Container
Ibm verify Identity Access
Ibm verify Identity Access Container
References
Metrics cvssV3_1

{'score': 8.5, 'vector': 'CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:C/C:H/I:L/A:L'}

Subscriptions

Ibm Security Verify Access Security Verify Access Container Verify Identity Access Verify Identity Access Container
cve-icon MITRE

Status: PUBLISHED

Assigner: ibm

Published:

Updated: 2026-04-08T14:24:08.124Z

Reserved: 2026-01-22T15:34:08.326Z

Link: CVE-2026-1342

cve-icon Vulnrichment

Updated: 2026-04-08T14:24:04.709Z

cve-icon NVD

Status : Analyzed

Published: 2026-04-08T00:16:03.860

Modified: 2026-04-09T18:29:07.290

Link: CVE-2026-1342

cve-icon Redhat

No data.

cve-icon OpenCVE Enrichment

Updated: 2026-04-10T09:41:15Z

Weaknesses