Ibm Openpages With Watson
20 CVEs affecting Ibm Openpages With Watson. Latest disclosed: 2025-07-09. Critical: 0, High: 3.
| CVE | Severity | Score | Published | Summary |
|---|---|---|---|---|
CVE-2023-40683 | High | 8.8 | 2024-01-19 | IBM OpenPages with Watson 8.3 and 9.0 could allow remote attacker to bypass security restrictions, caused by insufficient authorization checks. By authenticati… |
CVE-2021-29907 | High | 8.8 | 2021-08-31 | IBM OpenPages with Watson 8.1 and 8.2 could allow an authenticated user to upload a file that could execute arbitrary code on the system. IBM X-Force ID: 20763… |
CVE-2024-49781 | High | 7.1 | 2025-02-20 | IBM OpenPages with Watson 8.3 and 9.0 IBM OpenPages is vulnerable to an XML external entity injection (XXE) attack when processing XML data. A remote attacker… |
CVE-2024-49782 | Medium | 6.8 | 2025-02-20 | IBM OpenPages with Watson 8.3 and 9.0 could allow a remote attacker to spoof mail server identity when using SSL/TLS security. An attacker could exploit th… |
CVE-2023-38738 | Medium | 6.8 | 2024-01-19 | IBM OpenPages with Watson 8.3 and 9.0 could provide weaker than expected security in a OpenPages environment using Native authentication. If OpenPages is usin… |
CVE-2024-35151 | Medium | 6.5 | 2024-08-22 | IBM OpenPages with Watson 8.3 and 9.0 could allow authenticated users access to sensitive information through improper authorization controls on APIs. |
CVE-2023-43039 | Medium | 6.1 | 2025-07-08 | IBM OpenPages with Watson 9.0 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus alte… |
CVE-2024-49337 | Medium | 5.4 | 2025-02-20 | IBM OpenPages with Watson 8.3 and 9.0 IBM OpenPages is vulnerable to HTML injection, caused by improper validation of user-supplied input of text fields… |
CVE-2024-37527 | Medium | 5.4 | 2025-01-27 | IBM OpenPages with Watson 8.3 and 9.0 is vulnerable to cross-site scripting. This vulnerability allows an authenticated user to embed arbitrary JavaScript code… |
CVE-2025-27367 | Medium | 5.3 | 2025-07-08 | IBM OpenPages with Watson 8.3 and 9.0 is vulnerable to improper input validation due to bypassing of client-side validation for the data types and requir… |
CVE-2024-49783 | Medium | 5.3 | 2025-07-08 | IBM OpenPages with Watson 8.3 and 9.0 could provide weaker than expected security in storage of encrypted data. If an authenticated remote attacker with ac… |
CVE-2024-49784 | Medium | 5.3 | 2025-07-08 | IBM OpenPages with Watson 8.3 and 9.0 could provide weaker than expected security in storage of encrypted data with AES encryption and CBC mode. If an authen… |
CVE-2024-49780 | Medium | 5.3 | 2025-02-20 | IBM OpenPages with Watson 8.3 and 9.0 IBM OpenPages could allow a remote attacker to traverse directories on the system. An attacker with privileges to perform… |
CVE-2024-49355 | Medium | 5.3 | 2025-02-20 | IBM OpenPages with Watson 8.3 and 9.0 may write improperly neutralized data to server log files when the tracing is enabled per the System Tracing feature. |
CVE-2024-35117 | Medium | 4.4 | 2024-12-11 | IBM OpenPages with Watson 9.0 may write sensitive information, under specific configurations, in clear text to the system tracing log files that could be obtai… |
CVE-2025-1112 | Medium | 4.3 | 2025-07-09 | IBM OpenPages with Watson 8.3 and 9.0 could allow an authenticated user to obtain sensitive information that should only be available to privileged users. |
CVE-2025-27369 | Medium | 4.3 | 2025-07-08 | IBM OpenPages with Watson 8.3 and 9.0 is vulnerable to information disclosure of sensitive information due to a weaker than expected security for certa… |
CVE-2024-49344 | Medium | 4.3 | 2025-02-20 | IBM OpenPages with Watson 8.3 and 9.0 IBM OpenPages with Watson Assistant chat feature enabled the application establishes a session when a user logs in an… |
CVE-2024-49779 | Medium | 4.3 | 2025-02-20 | IBM OpenPages with Watson 8.3 and 9.0 IBM OpenPages could allow a remote attacker to bypass security restrictions, caused by improper validation and manageme… |
CVE-2024-43196 | Medium | 4.3 | 2025-02-20 | IBM OpenPages with Watson 8.3 and 9.0 application could allow an authenticated user to manipulate data in the Questionnaires application allowing the user to… |