CVE-2026-1343
HIGH WAF: Medium
CVSS 7.2
Published: 2026-04-08
CWE-918
IBM Verify Identity Access Container 11.0 through 11.0.2 and IBM Security Verify Access Container 10.0 through 10.0.9.1 and IBM Verify Identity Access 11.0 through 11.0.2 and IBM Security Verify Access 10.0 through 10.0.9.1 allows an attacker to contact internal authentication endpoints which are protected by the Reverse Proxy.
WAF Coverage Analysis
Server-Side Request Forgery (SSRF)
Medium WAF Coverage
OWASP: A10:2021 SSRF
934xxx - Node.js / Generic Injection
Affected Software
| Vendor | Product | Version |
|---|---|---|
| ibm | security_verify_access | 10.0.0 - 10.0.9.1 |
| ibm | security_verify_access_container | 10.0.0.0 - 10.0.9.1 |
| ibm | verify_identity_access | 11.0.0.0 - 11.0.2.0 |
| ibm | verify_identity_access_container | 11.0.0.0 - 11.0.2.0 |
References
- www.ibm.com (Vendor Advisory)