Data Manipulation Vulnerability in IBM OpenPages with Watson
CVE-2024-43196

4.3MEDIUM

Key Information:

Vendor: IBM
Status: Openpages With Watson
Vendor: CVE Published:; 20 February 2025

Summary

An authenticated user in IBM OpenPages with Watson versions 8.3 and 9.0 could exploit a vulnerability in the Questionnaires application. This vulnerability allows the user to manipulate existing data, leading to potential spoofing of responses submitted by other users, thereby compromising the integrity of the data.

Affected Version(s)

OpenPages with Watson 8.3, 9.0

References

https://www.ibm.com/support/pages/node/7183541

vendor-advisory

CVSS V3.1

Score:

4.3

Severity:

MEDIUM

Confidentiality:

None

Integrity:

Low

Availability:

None

Attack Vector:

Network

Attack Complexity:

Low

Privileges Required:

Low

User Interaction:

None

Scope:

Unchanged

Timeline

Vulnerability published
Feb 20, 2025
Vulnerability Reserved
Aug 7, 2024