CVE-2024-35142

8.4 HIGH

📋 TL;DR

This vulnerability in IBM Security Verify Access Docker allows local users to escalate their privileges because the software executes with unnecessary privileges. It affects IBM Security Verify Access Docker versions 10.0.0 through 10.0.6. Attackers with local access can gain elevated permissions on affected systems.

💻 Affected Systems

Products:
  • IBM Security Verify Access Docker
Versions: 10.0.0 through 10.0.6
Operating Systems: Any OS running Docker containers
Default Config Vulnerable: ⚠️ Yes
Notes: Only affects Docker container deployments of IBM Security Verify Access, not other deployment methods.

⚠️ Risk & Real-World Impact

🔴 Worst Case

Local attacker gains root/administrator privileges, compromising the entire container and potentially the host system through container escape techniques.

🟠 Likely Case

Local user escalates to higher privileges within the container, enabling unauthorized access to sensitive data and configuration.

🟢 If Mitigated

With proper access controls and container isolation, impact is limited to the specific container instance.

🌐 Internet-Facing: LOW - This is a local privilege escalation requiring local access to the container.
🏢 Internal Only: HIGH - Internal users with container access can exploit this to gain elevated privileges.

🎯 Exploit Status

Public PoC: ✅ No
Weaponized: UNKNOWN
Unauthenticated Exploit: ✅ No
Complexity: LOW

Requires local access to the container. No public exploit code available as of analysis.

🛠️ Fix & Mitigation

✅ Official Fix

Patch Version: 10.0.6.1 or later

Vendor Advisory: https://www.ibm.com/support/pages/node/7155356

Restart Required: Yes

Instructions:

1. Update to IBM Security Verify Access Docker version 10.0.6.1 or later.
2. Rebuild and redeploy affected containers.
3. Verify the update was successful.

🔧 Temporary Workarounds

Container Privilege Reduction (Linux)

Run containers with minimal privileges using Docker security options:

docker run --security-opt=no-new-privileges --cap-drop=ALL --cap-add=NET_BIND_SERVICE [image]

User Namespace Remapping (Linux)

Use Docker user namespace isolation to prevent privilege escalation. This is a Docker daemon option, so it applies to the containers started by that daemon:

dockerd --userns-remap=default
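To confirm that running containers actually carry the privilege-reduction options from the workaround above, the `HostConfig` section of `docker inspect` output can be audited. The script below is an added example, not code from IBM or from this page; the container names and the sample JSON are constructed for illustration.

```python
import json
import sys

ALLOWED_CAPS = {"NET_BIND_SERVICE"}  # the only capability the workaround adds back

def _caps(values):
    # Docker accepts "NET_BIND_SERVICE" and "CAP_NET_BIND_SERVICE"; normalise both.
    return {v.upper().removeprefix("CAP_") for v in (values or [])}

def audit_container(entry):
    """Return findings for one object from `docker inspect` output."""
    host = entry.get("HostConfig") or {}
    findings = []
    if host.get("Privileged"):
        findings.append("runs with --privileged")
    opts = [o.lower() for o in (host.get("SecurityOpt") or [])]
    if not any(o in ("no-new-privileges", "no-new-privileges:true",
                     "no-new-privileges=true") for o in opts):
        findings.append("no-new-privileges is not set")
    if "ALL" not in _caps(host.get("CapDrop")):
        findings.append("capabilities are not dropped with --cap-drop=ALL")
    extra = _caps(host.get("CapAdd")) - ALLOWED_CAPS
    if extra:
        findings.append("extra capabilities added: " + ", ".join(sorted(extra)))
    return findings

def audit(inspect_json):
    """Map container name -> findings for a `docker inspect` JSON array."""
    return {e.get("Name", "?").lstrip("/"): audit_container(e)
            for e in json.loads(inspect_json)}

# Constructed sample input (not captured from a real deployment).
SAMPLE = json.dumps([
    {"Name": "/isva-hardened", "HostConfig": {
        "Privileged": False, "SecurityOpt": ["no-new-privileges"],
        "CapDrop": ["ALL"], "CapAdd": ["CAP_NET_BIND_SERVICE"]}},
    {"Name": "/isva-default", "HostConfig": {
        "Privileged": False, "SecurityOpt": None,
        "CapDrop": None, "CapAdd": ["SYS_ADMIN"]}},
])

if __name__ == "__main__":
    # Real data: docker inspect $(docker ps -q) | python3 <this script>
    data = SAMPLE if sys.stdin.isatty() else sys.stdin.read()
    for name, findings in audit(data).items():
        print(name, "OK" if not findings else "; ".join(findings))
```

A container with an empty findings list matches the `docker run` options shown in the workaround; it does not replace updating to 10.0.6.1 or later.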

🧯 If You Can't Patch

  • Implement strict access controls to limit who can access Docker containers
  • Monitor container activity for privilege escalation attempts and unauthorized access

🔍 How to Verify

Check if Vulnerable:

Check the IBM Security Verify Access Docker version:

docker inspect [container] | grep -i version

Check Version:

docker inspect [container_name] | grep -A5 -B5 'IBM.*Verify.*Access'

Verify Fix Applied:

Verify that the version is 10.0.6.1 or later and test that privilege escalation attempts fail.

📡 Detection & Monitoring

Log Indicators:

  • Unexpected privilege escalation events in container logs
  • Failed sudo/su attempts from non-admin users
  • Changes to user/group permissions

Network Indicators:

  • Unusual outbound connections from containers after local access

SIEM Query:

source="docker" AND (event="privilege_escalation" OR user_change="root")
