Ibm

Openpages With Watson

24 vulnerabilities found.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
3.3

CVE-2025-36082

  • EPSS 0.01%
  • Published 15.09.2025 15:31:45
  • Last modified 24.09.2025 13:17:27

IBM OpenPages 9.0 and 9.1 allows web page cache to be stored locally which can be read by another user on the system.

4.3

CVE-2025-1112

  • EPSS 0.05%
  • Published 09.07.2025 14:33:12
  • Last modified 14.07.2025 17:53:48

IBM OpenPages with Watson 8.3 and 9.0 could allow an authenticated user to obtain sensitive information that should only be available to privileged users.

4.3

CVE-2025-2670

  • EPSS 0.04%
  • Published 09.07.2025 14:27:56
  • Last modified 14.08.2025 18:48:18

IBM OpenPages 9.0 is vulnerable to information disclosure of sensitive information due to a weaker than expected security for certain REST end points related to workflow feature of OpenPages. An authenticated user is able to obtain certain informatio...

4.3

CVE-2025-27369

  • EPSS 0.05%
  • Published 08.07.2025 18:43:15
  • Last modified 14.07.2025 17:51:19

IBM OpenPages with Watson 8.3 and 9.0 is vulnerable to information disclosure of sensitive information due to a weaker than expected security for certain REST end points used for the administration of OpenPages. An authenticated user is able ...

6.5

CVE-2025-27367

  • EPSS 0.07%
  • Published 08.07.2025 18:42:25
  • Last modified 14.07.2025 18:00:43

IBM OpenPages with Watson 8.3 and 9.0 is vulnerable to improper input validation due to bypassing of client-side validation for the data types and requiredness of fields for GRC Objects when an authenticated user sends a specially crafted paylo...

6.5

CVE-2024-49783

  • EPSS 0.07%
  • Published 08.07.2025 18:36:50
  • Last modified 14.07.2025 17:56:36

IBM OpenPages with Watson 8.3 and 9.0 could provide weaker than expected security in storage of encrypted data. If an authenticated remote attacker with access to the database or a local attacker with access to server files could extract the encr...

6.5

CVE-2024-49784

  • EPSS 0.02%
  • Published 08.07.2025 18:35:23
  • Last modified 14.07.2025 17:59:28

IBM OpenPages with Watson 8.3 and 9.0 could provide weaker than expected security in storage of encrypted data with AES encryption and CBC mode. If an authenticated remote attacker with access to the database or a local attacker with access to serv...

6.1

CVE-2023-43039

  • EPSS 0.05%
  • Published 08.07.2025 18:25:54
  • Last modified 14.07.2025 17:54:48

IBM OpenPages with Watson 9.0 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trus...

7.1

CVE-2024-49781

  • EPSS 0.38%
  • Published 20.02.2025 12:15:10
  • Last modified 11.03.2025 13:45:47

IBM OpenPages with Watson 8.3 and 9.0 IBM OpenPages is vulnerable to an XML external entity injection (XXE) attack when processing XML data. A remote attacker could exploit this vulnerability to expose sensitive information or consume memory resource...

8.8

CVE-2024-49779

  • EPSS 0.1%
  • Published 20.02.2025 12:15:10
  • Last modified 11.03.2025 13:55:21

IBM OpenPages with Watson 8.3 and 9.0 IBM OpenPages could allow a remote attacker to bypass security restrictions, caused by improper validation and management of authentication cookies. By modifying the CSRF token and Session Id cookie parameters ...