CVE-2023-25927

IBM Security Verify Access 10.0.0, 10.0.1, 10.0.2, 10.0.3, 10.0.4, and 10.0.5 could allow an attacker to crash the webseald process using specially crafted HTTP requests resulting in loss of access to the system. IBM X-Force ID: 247635.

Published: May 12, 2023
Updated: May 25, 2023
CVE: CVE-2023-25927
Severity: High
Exploit:

CVSS v3:

Severity: High
Score: 7.5
AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

CWEs:

CWE-20

Affected Software
References

Software	From	Fixed in
ibm / security_verify_access	10.0.0	10.0.0.x
ibm / security_verify_access	10.0.1	10.0.1.x
ibm / security_verify_access	10.0.2	10.0.2.x
ibm / security_verify_access	10.0.3	10.0.3.x
ibm / security_verify_access	10.0.4	10.0.4.x
ibm / security_verify_access	10.0.5	10.0.5.x

https://exchange.xforce.ibmcloud.com/vulnerabilities/247635
https://https://www.ibm.com/support/pages/node/6989653
https://www.ibm.com/support/pages/node/6989653?_ga=2.22490043.1644592052.1684753176-785517468.1677620719

Vulnerability Database

289,784

CVE-2023-25927