Wiz
Vulnerability DatabaseCVE-2022-22465

CVE-2022-22465
IBM Security Verify Access (formerly ISAM) vulnerability analysis and mitigation

Overview

IBM Security Access Manager Appliance versions 10.0.0.0, 10.0.1.0, 10.0.2.0, and 10.0.3.0 contain a local privilege escalation vulnerability due to improper access permissions. The vulnerability was assigned CVE-2022-22465 and was disclosed on July 6, 2022 (IBM Security Bulletin).

Technical details

The vulnerability has a CVSS v3.1 Base Score of 7.8 (High) with the following vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H. The attack requires local access, low complexity, low privileges, and no user interaction. The impact affects confidentiality, integrity, and availability, all rated as high (AttackerKB).

Impact

If exploited, this vulnerability allows a local user to obtain elevated privileges on the affected system. The vulnerability has high potential impact on system confidentiality, integrity, and availability (IBM Security Bulletin).

Mitigation and workarounds

IBM has released version 10.0.4.0 (10.0.4-ISS-ISVA-FP0000) to address this vulnerability. Users are advised to upgrade to this version as no workarounds or alternative mitigations are available (IBM Security Bulletin).

Additional resources

SourceThis report was generated using AI

Related IBM Security Verify Access (formerly ISAM) vulnerabilities:

CVE ID

Severity

Score

Technologies

Component name

CISA KEV exploit

Has fix

Published date

CVE-2025-36087CRITICAL9.8
  • IBM Security Verify Access (formerly ISAM)IBM Security Verify Access (formerly ISAM)
  • cpe:2.3:a:ibm:security_verify_access
NoNoOct 13, 2025
CVE-2025-36356CRITICAL9.3
  • IBM Security Verify Access (formerly ISAM)IBM Security Verify Access (formerly ISAM)
  • cpe:2.3:a:ibm:security_verify_access
NoNoOct 06, 2025
CVE-2025-36355HIGH8.5
  • IBM Security Verify Access (formerly ISAM)IBM Security Verify Access (formerly ISAM)
  • cpe:2.3:a:ibm:security_verify_access
NoNoOct 06, 2025
CVE-2025-36354HIGH7.3
  • IBM Security Verify Access (formerly ISAM)IBM Security Verify Access (formerly ISAM)
  • cpe:2.3:a:ibm:security_verify_access
NoNoOct 06, 2025
CVE-2025-0163MEDIUM5.3
  • IBM Security Verify Access (formerly ISAM)IBM Security Verify Access (formerly ISAM)
  • cpe:2.3:a:ibm:security_verify_access
NoYesJun 11, 2025

Free Vulnerability Assessment

Benchmark your Cloud Security Posture

Evaluate your cloud security practices across 9 security domains to benchmark your risk level and identify gaps in your defenses.

Request assessment

Additional Wiz resources

Cloud Vulnerability DB

Cloud Vulnerability DB

A community-led vulnerabilities database

Cloud Threat Landscape

Cloud Threat Landscape

A threat intelligence database

PEACH

PEACH

A tenant isolation framework

Get a personalized demo

Ready to see Wiz in action?

"Best User Experience I have ever seen, provides full visibility to cloud workloads."
David EstlickCISO
"Wiz provides a single pane of glass to see what is going on in our cloud environments."
Adam FletcherChief Security Officer
"We know that if Wiz identifies something as critical, it actually is."
Greg PoniatowskiHead of Threat and Vulnerability Management
Get a demo