Primary

Context

IBM Security Verify Directory Command Injection Vulnerability

Vulnerability

Patched

A command injection vulnerability has been identified in IBM Security Verify Directory versions 10.0.0 through 10.0.3. This vulnerability allows remote authenticated attackers to execute arbitrary commands on the system by sending specially crafted requests.

Impact

Exploitation of this vulnerability could lead to unauthorized command execution on the affected system.

Remediation

Users are advised to update to the latest version of IBM Security Verify Directory. Version 10.0.3.1 is available for download. For more information, refer to the IBM Security Verify Directory Fix Level 10.0.3.1 Download Document.

Added: Jun 9, 2025, 7:46 PM

Updated: Jun 9, 2025, 7:46 PM

Vulnerability Rating

Custom Algorithm

spread

2.6

impact

10.0

exploitability

4.4

remediation

7.7

relevance

0.0

threat

0.0

urgency

2.9

incentive

1.7

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Vulnerability Rating

Custom Algorithm

spread

2.6

impact

10.0

exploitability

4.4

remediation

7.7

relevance

0.0

threat

0.0

urgency

2.9

incentive

1.7

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

IBM Security Verify Directory Command Injection Vulnerability

Vulnerability

Impact

Remediation

Affected Products

IBM Security Verify Directory

CVSS Scores

References

Vulnerability Rating

Vulnerability Rating