- Description
- IBM Security Verify Access and IBM Security Verify Access Docker 10.0.0.0 through 10.0.9.0 and 11.0.0.0 through 11.0.1.0 could allow a locally authenticated user to execute malicious scripts from outside of its control sphere.
- Source
- psirt@us.ibm.com
- NVD status
- Analyzed
- Products
- security_verify_access, security_verify_access_docker, verify_identity_access, verify_identity_access_docker
CVSS 3.1
- Type
- Secondary
- Base score
- 8.5
- Impact score
- 5.3
- Exploitability score
- 2.5
- Vector string
- CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:C/C:H/I:L/A:L
- Severity
- HIGH
- psirt@us.ibm.com
- CWE-829
- Hype score
- Not currently trending
CVE-2025-36355 Local Script Execution Vulnerability in IBM Security Verify Acces... https://t.co/Qd92scHb4z Vulnerability Alert Subscriptions: https://t.co/hrQhy5uz4x
@VulmonFeeds
6 Oct 2025
13 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
CVE-2025-36355 IBM Security Verify Access and IBM Security Verify Access Docker 10.0.0.0 through 10.0.9.0 and 11.0.0.0 through 11.0.1.0 could allow a locally authenticated user to… https://t.co/YmlBhXeLw9
@CVEnew
6 Oct 2025
20 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
[
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:ibm:security_verify_access:*:*:*:*:*:*:*:*",
"matchCriteriaId": "CCA4ADF8-014B-4A43-AE12-CC7D46B0F8BF",
"versionEndExcluding": "10.0.9.0",
"versionStartIncluding": "10.0.0.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:security_verify_access:10.0.9.0:-:*:*:*:*:*:*",
"matchCriteriaId": "9916DF0F-8A3E-4CB4-957F-286E168666A2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:security_verify_access:10.0.9.0:interim_fix1:*:*:*:*:*:*",
"matchCriteriaId": "05FBA01C-DDCD-4B80-B14B-81DAB052CC8D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:security_verify_access:10.0.9.0:interim_fix2:*:*:*:*:*:*",
"matchCriteriaId": "149CA168-1117-4B50-8F5A-B72D4BCC65F1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:security_verify_access_docker:*:*:*:*:*:*:*:*",
"matchCriteriaId": "FFF4D7D4-0D01-44CA-84A2-2EA59802D1CB",
"versionEndExcluding": "10.0.9.0",
"versionStartIncluding": "10.0.0.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:security_verify_access_docker:10.0.9.0:-:*:*:*:*:*:*",
"matchCriteriaId": "7E76C6CF-1E2A-403E-9C7F-619BE2057468",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:security_verify_access_docker:10.0.9.0:interim_fix1:*:*:*:*:*:*",
"matchCriteriaId": "B8BF3374-6B03-4A25-9F4D-F88C091804C7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:security_verify_access_docker:10.0.9.0:interim_fix2:*:*:*:*:*:*",
"matchCriteriaId": "C8D09601-F55B-4307-8BEE-218F5CAC2138",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:ibm:verify_identity_access:*:*:*:*:*:*:*:*",
"matchCriteriaId": "16595130-3A46-4DD1-9DAA-53E534306975",
"versionEndExcluding": "11.0.1.0",
"versionStartIncluding": "11.0.0.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:verify_identity_access:11.0.1.0:-:*:*:*:*:*:*",
"matchCriteriaId": "4A7A934C-F8B6-44D1-9591-A3FDB86BEECB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:verify_identity_access_docker:*:*:*:*:*:*:*:*",
"matchCriteriaId": "81BD4D96-C9E9-422B-B18A-61ECFE711884",
"versionEndExcluding": "11.0.1.0",
"versionStartIncluding": "11.0.0.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:verify_identity_access_docker:11.0.1.0:-:*:*:*:*:*:*",
"matchCriteriaId": "0C06D5AD-67DD-46FA-BDF7-39A2E0EAAF95",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
]