1. Home
  2. CVE Database
  3. CVE-2025-36354
HIGH · 7.3

CVE-2025-36354

IBM Security Verify Access and IBM Security Verify Access Docker 10.0.0.0 through 10.0.9.0 and 11.0.0.0 through 11.0.1.0 could allow an unauthenticated user to execute arbitrary commands with lowe...

Vulnerability Description

IBM Security Verify Access and IBM Security Verify Access Docker 10.0.0.0 through 10.0.9.0 and 11.0.0.0 through 11.0.1.0 could allow an unauthenticated user to execute arbitrary commands with lower user privileges on the system due to improper validation of user supplied input.

CVSS Score

7.3

HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality
LOW
Integrity
LOW
Availability
LOW

Affected Products

VendorProductVersions
IbmSecurity Verify Access>= 10.0.0.0, < 10.0.9.0
IbmSecurity Verify Access Docker>= 10.0.0.0, < 10.0.9.0
IbmVerify Identity Access>= 11.0.0.0, < 11.0.1.0
IbmVerify Identity Access Docker>= 11.0.0.0, < 11.0.1.0

Related Weaknesses (CWE)

CWE-78

References

FAQ

What is CVE-2025-36354?

CVE-2025-36354 is a vulnerability with a CVSS score of 7.3 (HIGH). IBM Security Verify Access and IBM Security Verify Access Docker 10.0.0.0 through 10.0.9.0 and 11.0.0.0 through 11.0.1.0 could allow an unauthenticated user to execute arbitrary commands with lowe...

How severe is CVE-2025-36354?

CVE-2025-36354 has been rated HIGH with a CVSS base score of 7.3/10. Review the CVSS metrics above for detailed severity breakdown.

Is there a patch for CVE-2025-36354?

Check the references section above for vendor advisories and patch information. Affected products include: Ibm Security Verify Access, Ibm Security Verify Access Docker, Ibm Verify Identity Access, Ibm Verify Identity Access Docker.