CNNVD-202510-1710 Information
CNNVD ID
CNNVD-202510-1710
Related CVE
- CNNVD Published: 2025-10-13
Description (Chinese)
IBM Security Verify Access(ISAM)和IBM Verify Identity Access Container都是美国国际商业机器(IBM)公司的产品。IBM Security Verify Access是一款提高用户访问安全的服务。IBM Verify Identity Access Container是一个为应用程序提供身份验证和授权功能的容器化软件。 IBM Security Verify Access(ISAM)和IBM Verify Identity Access Container存在信任管理问题漏洞,该漏洞源于某些配置中包含硬编码凭证,可能导致未经授权的访问。以下产品及版本受到影响:IBM Security Verify Access 10.0.0版本至10.0.9版本、11.0.0版本和IBM Verify Identity Access Container 10.0.0版本至10.0.9版本、11.0.0版本。
Description (English)
IBM Security Verify Access (ISAM) and IBM Verify Access Contact are products of the United States International Business Machine (IBM). IBM Security Services Access is a service to improve user access security. IBM Expert Access Contact is a containerized software that provides authentication and authorization functions for applications. There is a confidence management gap between IBM Security Verify Access (ISAM) and IBM Verify Access Contact, which arises from certain configurations containing hard-coded vouchers that may lead to unauthorized access. The following products and versions have been affected: IBM Security Verificy Access Version 10.0.0 to 10.0.9, 11.0.0 and IBM Verifiity Access Authority Version 10.0.0 to 10.0.9 and 11.0.
Hazard Level
Medium
Vulnerability Type
信任管理问题
Affected Vendor
国际商业机器
Published
2025-10-13
Last Modified
2026-02-24
References
https://www.ibm.com/support/pages/node/7247753 https://access.redhat.com/security/cve/cve-2025-36087
Patch
https://www.ibm.com/support/pages/node/7247753
Share on: