{"description":"Trending threats, MITRE ATT\u0026CK coverage, and detection metadata — refreshed continuously.","feed_url":"https://feed.craftedsignal.io/tags/cve-2026-1343/","home_page_url":"https://feed.craftedsignal.io/","items":[{"_cs_actors":[],"_cs_cves":[{"cvss":7.2,"id":"CVE-2026-1343"}],"_cs_exploited":false,"_cs_products":[],"_cs_severities":["medium"],"_cs_tags":["cve","cve-2026-1343","ssrf","ibm"],"_cs_type":"advisory","_cs_vendors":[],"content_html":"\u003cp\u003eIBM Verify Identity Access Container versions 11.0 through 11.0.2 and IBM Security Verify Access Container versions 10.0 through 10.0.9.1, as well as IBM Verify Identity Access versions 11.0 through 11.0.2 and IBM Security Verify Access versions 10.0 through 10.0.9.1, are vulnerable to Server-Side Request Forgery (SSRF). This flaw, identified as CVE-2026-1343, allows a remote, unauthenticated attacker to bypass the reverse proxy and access internal authentication endpoints. The vulnerability exists due to insufficient access controls on internal endpoints. Exploitation could lead to information disclosure or further compromise of the affected systems. 
Defenders should prioritize patching and monitoring for suspicious activity targeting internal resources.\u003c/p\u003e\n\u003ch2 id=\"attack-chain\"\u003eAttack Chain\u003c/h2\u003e\n\u003col\u003e\n\u003cli\u003eAttacker identifies a vulnerable IBM Verify Identity Access or Security Verify Access Container instance.\u003c/li\u003e\n\u003cli\u003eThe attacker crafts a malicious request targeting an internal authentication endpoint.\u003c/li\u003e\n\u003cli\u003eThe crafted request bypasses the reverse proxy due to inadequate access controls.\u003c/li\u003e\n\u003cli\u003eThe vulnerable server processes the malicious request, unintentionally exposing internal resources.\u003c/li\u003e\n\u003cli\u003eSensitive information about internal systems is exposed to the attacker.\u003c/li\u003e\n\u003cli\u003eThe attacker uses gathered information to perform unauthorized actions or further reconnaissance.\u003c/li\u003e\n\u003cli\u003eAttacker potentially compromises user accounts or internal infrastructure.\u003c/li\u003e\n\u003c/ol\u003e\n\u003ch2 id=\"impact\"\u003eImpact\u003c/h2\u003e\n\u003cp\u003eSuccessful exploitation of CVE-2026-1343 can lead to unauthorized access to sensitive internal information, potentially compromising user accounts and internal systems. This can result in data breaches, privilege escalation, and further attacks within the organization. 
While the specific number of affected organizations isn\u0026rsquo;t available, any organization using vulnerable versions of IBM Verify Identity Access Container or IBM Security Verify Access Container is at risk.\u003c/p\u003e\n\u003ch2 id=\"recommendation\"\u003eRecommendation\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eApply the patch or upgrade to a secure version of IBM Verify Identity Access Container or IBM Security Verify Access Container as described in \u003ca href=\"https://www.ibm.com/support/pages/node/7268253\"\u003eIBM\u0026rsquo;s advisory\u003c/a\u003e to remediate CVE-2026-1343.\u003c/li\u003e\n\u003cli\u003eDeploy the Sigma rule \u003ccode\u003eDetect Suspicious Access to Internal Endpoints via Proxy Bypass\u003c/code\u003e to detect exploitation attempts by monitoring web server logs for abnormal request patterns targeting internal endpoints.\u003c/li\u003e\n\u003cli\u003eImplement network segmentation to restrict access to internal resources from the internet.\u003c/li\u003e\n\u003cli\u003eReview access control configurations on the reverse proxy to ensure proper protection of internal endpoints.\u003c/li\u003e\n\u003c/ul\u003e\n","date_modified":"2026-04-08T01:16:40Z","date_published":"2026-04-08T01:16:40Z","id":"/briefs/2026-04-ibm-verify-ssrf/","summary":"CVE-2026-1343 allows an attacker to contact internal authentication endpoints protected by the Reverse Proxy in IBM Verify Identity Access Container and IBM Security Verify Access Container.","title":"IBM Verify and Security Verify Access Container Server-Side Request Forgery Vulnerability (CVE-2026-1343)","url":"https://feed.craftedsignal.io/briefs/2026-04-ibm-verify-ssrf/"}],"language":"en","title":"CraftedSignal Threat Feed — Cve-2026-1343","version":"https://jsonfeed.org/version/1.1"}