CNNVD-202510-794 Information

CNNVD ID

CNNVD-202510-794

Related CVE

CVE-2025-36354

• CNNVD Published: 2025-10-06

Description (Chinese)

IBM Security Verify Access（ISAM）和IBM Security Verify Access Docker都是美国国际商业机器（IBM）公司的产品。IBM Security Verify Access是一款提高用户访问安全的服务。IBM Security Verify Access Docker是一款可用于为Docker配置Security Verify Access环境的服务。 IBM Security Verify Access和IBM Security Verify Access Docker 10.0.0.0版本至10.0.9.0版本和11.0.0.0版本至11.0.1.0版本存在操作系统命令注入漏洞，该漏洞源于未验证用户输入，可能导致未经验证的用户执行任意命令。

Description (English)

IBM Security Services Access (ISAM) and IBM Security Services Docker are products of IBM. IBM Security Services Access is a service to improve user access security. The IBM Security Access Docker is a service that can be used to configure the security Verify Access environment for Docker. The IBM Security Services Access and the IBM Security Services Docker 10.0.0.0 to 10.0.0.0 and 11.0.0 to 11.0.1.0 have a gap in the operating system commands, which originates from unverified user input and may result in arbitrary orders being executed by uncertified users.

Hazard Level

Medium

Vulnerability Type

操作系统命令注入

Affected Vendor

国际商业机器

Published

2025-10-06

Last Modified

2026-02-24

References

https://www.ibm.com/support/pages/node/7247215

Patch

https://www.ibm.com/support/pages/node/7247215