9.3
CVE-2025-36356
- EPSS 0.02%
- Veröffentlicht 06.10.2025 16:50:48
- Zuletzt bearbeitet 15.12.2025 19:20:17
- Quelle psirt@us.ibm.com
- CVE-Watchlists
- Unerledigt
IBM Security Verify Access privilege escalation
IBM Security Verify Access and IBM Security Verify Access Docker 10.0.0.0 through 10.0.9.0 and 11.0.0.0 through 11.0.1.0 could allow a locally authenticated user to escalate their privileges to root due to execution with more privileges than required.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
Ibm ≫ Security Verify Access Version >= 10.0.0.0 < 10.0.9.0
Ibm ≫ Security Verify Access Version10.0.9.0 Update-
Ibm ≫ Security Verify Access Version10.0.9.0 Updateinterim_fix1
Ibm ≫ Security Verify Access Version10.0.9.0 Updateinterim_fix2
Ibm ≫ Security Verify Access Docker Version >= 10.0.0.0 < 10.0.9.0
Ibm ≫ Security Verify Access Docker Version10.0.9.0 Update-
Ibm ≫ Security Verify Access Docker Version10.0.9.0 Updateinterim_fix1
Ibm ≫ Security Verify Access Docker Version10.0.9.0 Updateinterim_fix2
Ibm ≫ Verify Identity Access Version >= 11.0.0.0 < 11.0.1.0
Ibm ≫ Verify Identity Access Version11.0.1.0 Update-
Ibm ≫ Verify Identity Access Docker Version >= 11.0.0.0 < 11.0.1.0
Ibm ≫ Verify Identity Access Docker Version11.0.1.0 Update-
VulnDex Vulnerability Enrichment
Diese Information steht angemeldeten Benutzern zur Verfügung. 
Login
Login| Typ | Quelle | Score | Percentile |
|---|---|---|---|
| EPSS | FIRST.org | 0.02% | 0.038 |
| Quelle | Base Score | Exploit Score | Impact Score | Vector String |
|---|---|---|---|---|
| psirt@us.ibm.com | 9.3 | 2.5 | 6 |
CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H
|
CWE-250 Execution with Unnecessary Privileges
The product performs an operation at a privilege level that is higher than the minimum level required, which creates new weaknesses or amplifies the consequences of other weaknesses.