{"name":"Improper Authorization in OpenPages with Watson APIs"}
CVE-2024-35151

6.5MEDIUM

Key Information:

Vendor: IBM
Status: Openpages With Watson
Vendor: CVE Published:; 22 August 2024

Summary

IBM OpenPages with Watson 8.3 and 9.0 could allow authenticated users access to sensitive information through improper authorization controls on APIs.

Affected Version(s)

OpenPages with Watson 8.3, 9.0

References

https://www.ibm.com/support/pages/node/7165959

vendor-advisory

https://exchange.xforce.ibmcloud.com/vulnerabilities/292638

CVSS V3.1

Score:

6.5

Severity:

MEDIUM

Confidentiality:

High

Integrity:

None

Availability:

High

Attack Vector:

Network

Attack Complexity:

Low

Privileges Required:

Low

User Interaction:

None

Scope:

Unchanged

Timeline

Vulnerability published
Aug 22, 2024
Vulnerability Reserved
May 9, 2024

Collectors

NVD DatabaseMitre Database