Platform: ibm
Component: verify-identity-access
Fixed in: 11.0.3, 10.0.10
CVE-2026-1342 describes a script execution vulnerability within IBM Verify Identity Access. This flaw allows a locally authenticated user to execute malicious scripts outside of their intended control sphere, potentially leading to unauthorized access and system compromise. The vulnerability impacts versions 10.0 through 11.0.2 of both the Container and non-Container deployments. IBM has released patches to address this issue.
Successful exploitation of CVE-2026-1342 could allow an attacker with local authentication to execute arbitrary code on the affected system. This could lead to a complete compromise of the IBM Verify Identity Access instance, enabling the attacker to steal sensitive user credentials, modify authentication policies, and potentially gain access to other systems within the network. The impact is particularly severe given that IBM Verify Identity Access is often used as a central authentication point, making it a prime target for attackers seeking to gain broader access to an organization's resources. The ability to execute arbitrary code effectively grants the attacker a root-level foothold, allowing for persistent access and lateral movement.
CVE-2026-1342 was publicly disclosed on April 7, 2026. The vulnerability's impact, combined with the potential for relatively easy exploitation by a locally authenticated user, suggests a medium probability of exploitation. As of this writing, there are no publicly available proof-of-concept exploits. It is not currently listed on CISA KEV. Monitor security advisories and threat intelligence feeds for any updates regarding active exploitation campaigns.
Organizations heavily reliant on IBM Verify Identity Access for single sign-on and multi-factor authentication are particularly at risk. Environments with weak local authentication policies or shared accounts are also more vulnerable. Those using older, unpatched versions of IBM Verify Identity Access (10.0 through 11.0.2) are directly affected.
• ibm: Examine system logs for unusual script execution patterns. Look for processes spawning from unexpected locations or executing unfamiliar scripts.
• linux / server: Use journalctl -u verify-identity-access to filter logs for errors or warnings related to script execution. Employ auditd rules to monitor file access and modification within the IBM Verify Identity Access installation directory.
• generic web: Monitor access logs for requests containing suspicious characters or attempting to execute scripts. Check response headers for unexpected content or error messages.
EPSS: 0.01% (3% percentile)
The primary mitigation for CVE-2026-1342 is to upgrade to a patched version of IBM Verify Identity Access. IBM has released fixes for all affected versions. If immediate patching is not possible, consider implementing stricter access controls to limit the privileges of locally authenticated users. Review and harden the configuration of IBM Verify Identity Access to minimize the attack surface. Monitor system logs for any suspicious activity, particularly related to script execution. While a WAF is unlikely to directly mitigate this vulnerability, it can help detect and block malicious requests attempting to exploit it.
Apply the security updates provided by IBM for IBM Verify Identity Access Container and IBM Security Verify Access Container to versions 11.0.3 or later and 10.0.10 or later, respectively. See the IBM support note (https://www.ibm.com/support/pages/node/7268253) for detailed instructions.
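The affected range (10.0 through 11.0.2) and the two fixed releases (10.0.10 and 11.0.3) overlap numerically: 10.0.10 sorts below 11.0.2 but is patched, and a plain string comparison puts "10.0.10" before "10.0.9". The following version triage is an added example, not IBM's tooling; the host names and inventory are constructed, and it assumes releases later than 11.0.3 carry the fix.

```python
import re

# Boundaries taken from this page: affected 10.0 through 11.0.2,
# fixed in 10.0.10 (10.0 branch) and 11.0.3 (11.0 branch).
AFFECTED_FROM = (10, 0, 0, 0)
FIXED = {(10, 0): (10, 0, 10, 0), (11, 0): (11, 0, 3, 0)}

def parse_version(text):
    """Turn '10.0.8.0' or '11.0.2' into a 4-part integer tuple."""
    m = re.match(r"\s*(\d+(?:\.\d+){0,3})", text)
    if not m:
        raise ValueError(f"no version number in {text!r}")
    parts = [int(p) for p in m.group(1).split(".")]
    return tuple(parts + [0] * (4 - len(parts)))

def triage(text):
    """Return 'affected', 'fixed' or 'not-listed' for one version string."""
    v = parse_version(text)
    if v < AFFECTED_FROM:
        return "not-listed"   # older than anything this page covers
    if v >= FIXED[(11, 0)]:
        return "fixed"        # assumption: later releases keep the fix
    branch_fix = FIXED.get(v[:2])
    if branch_fix and v >= branch_fix:
        return "fixed"        # e.g. 10.0.10: inside 10.0..11.0.2, yet patched
    return "affected"

# Constructed inventory (host names and versions are made up).
INVENTORY = {
    "sso-a": "10.0.9.0",
    "sso-b": "10.0.10.0",
    "sso-c": "11.0.2",
    "sso-d": "11.0.3.0",
    "legacy": "9.0.7.3",
}

def affected_hosts(inventory):
    """Hosts that still need the upgrade, in sorted order."""
    return sorted(h for h, ver in inventory.items() if triage(ver) == "affected")

if __name__ == "__main__":
    for host, ver in INVENTORY.items():
        print(f"{host:8} {ver:10} {triage(ver)}")
    print("upgrade:", ", ".join(affected_hosts(INVENTORY)))
```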
CVE-2026-1342 is a HIGH severity vulnerability allowing a locally authenticated user to execute malicious scripts in IBM Verify Identity Access versions 10.0-11.0.2, potentially leading to system compromise.
You are affected if you are using IBM Verify Identity Access versions 10.0 through 11.0.2, both Container and non-Container deployments. Check your version and upgrade immediately.
Upgrade to a patched version of IBM Verify Identity Access. Refer to the official IBM security advisory for specific version details and upgrade instructions.
As of now, there are no publicly known active exploitation campaigns, but the vulnerability's severity warrants immediate attention and mitigation.
Refer to the official IBM Security Bulletin for CVE-2026-1342 on the IBM Security Support website. Search for the CVE ID to find the relevant advisory.