Rewterz

Multiple IBM Security Verify Access Vulnerabilities

Severity

High

Analysis Summary

CVE-2024-22338 CVSS:4

IBM Security Verify Access OIDC Provider 22.09 through 23.03 could disclose sensitive information to a local user due to hazardous input validation.

CVE-2024-35142 CVSS:8.4

IBM Security Verify Access Docker 10.0.0 through 10.0.6 could allow a local user to escalate their privileges due to execution with unnecessary privileges.

CVE-2024-35141 CVSS:8.4

IBM Security Verify Access Docker 10.0.0 through 10.0.6 could allow a local user to escalate their privileges due to execution with unnecessary privileges.

CVE-2024-35140 CVSS:7.7

IBM Security Verify Access Docker 10.0.0 through 10.0.6 could allow a local user to escalate their privileges due to improper certificate validation.

Impact

  • Information Disclosure
  • Privilege Escalation

Indicators of Compromise

CVE

  • CVE-2024-22338
  • CVE-2024-35142
  • CVE-2024-35141
  • CVE-2024-35140

Affected Vendors

IBM

Affected Products

  • IBM Security Verify Access OIDC Provider 22.09 through 23.03
  • IBM Security Verify Access Docker 10.0.0 through 10.0.6

Remediation

Refer to IBM Security Advisory for patch, upgrade or suggested workaround information.

IBM Security Verify Access OIDC Provider

IBM Security Verify Access Docker