PT-2026-29617 · Ibm · Verify Identity Access+3

Published

2026-04-01

Updated

2026-04-02

CVE-2026-1491

CVSS v3.1

5.3

Medium

Vector

AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N

Name of the Vulnerable Software and Affected Versions IBM Verify Identity Access Container versions 11.0 through 11.0.2 IBM Security Verify Access Container versions 10.0 through 10.0.9.1 IBM Verify Identity Access versions 11.0 through 11.0.2 IBM Security Verify Access versions 10.0 through 10.0.9.1

Description IBM Security Verify may allow a remote attacker to access sensitive information due to an inconsistent interpretation of an HTTP request by a reverse proxy.

Recommendations Update IBM Verify Identity Access Container to a version later than 11.0.2. Update IBM Security Verify Access Container to a version later than 10.0.9.1. Update IBM Verify Identity Access to a version later than 11.0.2. Update IBM Security Verify Access to a version later than 10.0.9.1.

Fix

HTTP Request/Response Smuggling

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-444

Related Identifiers

CVE-2026-1491

Affected Products

Ibm Security Verify Access

Ibm Security Verify Access Container

Verify Identity Access

Ibm Verify Identity Access Container

PT-2026-29617 · Ibm · Verify Identity Access+3

CVE-2026-1491

Weakness Enumeration

Related Identifiers

Affected Products

References · 3