CVE-2023-25927

high

Description

IBM Security Verify Access 10.0.0, 10.0.1, 10.0.2, 10.0.3, 10.0.4, and 10.0.5 could allow an attacker to crash the webseald process using specially crafted HTTP requests resulting in loss of access to the system. IBM X-Force ID: 247635.

References

https://www.ibm.com/support/pages/node/6989653?_ga=2.22490043.1644592052.1684753176-785517468.1677620719

https://exchange.xforce.ibmcloud.com/vulnerabilities/247635

http://seclists.org/fulldisclosure/2024/Nov/1

http://seclists.org/fulldisclosure/2024/Nov/0

Details

Source: Mitre, NVD

Published: 2023-05-12

Updated: 2026-06-17

Risk Information

CVSS v2

Base Score: 7.8

Vector: CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:C

Severity: High

CVSS v3

Base Score: 7.5

Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

Severity: High

EPSS

EPSS: 0.01052