CVE-2025-0163

Summary

IBM Security Verify Access Appliance and Docker 10.0 through 10.0.8 could allow a remote attacker to enumerate usernames due to an observable response discrepancy of disabled accounts.

Affected Software

VendorProductVersion RangeStatus
IBMSecurity Verify Access10.0 <= 10.0.8affected
IBMSecurity Verify Access Docker10.0 <= 10.0.8affected

Weaknesses

  • CWE-204: CWE-204 Response Discrepancy Information Exposure

ADP Enrichment

CISA ADP Vulnrichment

  • SSVC:
  • Exploitation: none
    • Automatable: yes
    • Technical Impact: partial

References