PT-2025-41743 · Ibm · Ibm Verify Identity Access Container+1
Published
2025-10-13
·
Updated
2025-10-20
·
CVE-2025-36087
CVSS v3.1
9.8
Critical
| Vector | AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H |
Name of the Vulnerable Software and Affected Versions
IBM Security Verify Access versions 10.0.0 through 10.0.9 and 11.0.0
IBM Verify Identity Access Container versions 10.0.0 through 10.0.9 and 11.0.0
Description
The software contains hard-coded credentials, such as passwords or cryptographic keys, used for inbound authentication, outbound communication to external components, or encryption of internal data. These credentials could potentially lead to unauthorized access.
Recommendations
IBM Security Verify Access versions 10.0.0 through 10.0.9 should be updated.
IBM Security Verify Access version 11.0.0 should be updated.
IBM Verify Identity Access Container versions 10.0.0 through 10.0.9 should be updated.
IBM Verify Identity Access Container version 11.0.0 should be updated.
Fix
Using Hardcoded Credentials
Found an issue in the description? Have something to add? Feel free to write us 👾
Weakness Enumeration
Related Identifiers
Affected Products
Ibm Security Verify Access
Ibm Verify Identity Access Container