Note:
This project will be discontinued after December 13, 2021. [more]
Product:
Openpages_with_watson
(Ibm)| Repositories |
Unknown: This might be proprietary software. |
| #Vulnerabilities | 5 |
| Date | Id | Summary | Products | Score | Patch | Annotated |
|---|---|---|---|---|---|---|
| 2021-08-31 | CVE-2021-29907 | IBM OpenPages with Watson 8.1 and 8.2 could allow an authenticated user to upload a file that could execute arbitrary code on the system. IBM X-Force ID: 207633. | Openpages_with_watson | 8.8 | ||
| 2024-01-19 | CVE-2023-38738 | IBM OpenPages with Watson 8.3 and 9.0 could provide weaker than expected security in a OpenPages environment using Native authentication. If OpenPages is using Native authentication an attacker with access to the OpenPages database could through a series of specially crafted steps could exploit this weakness and gain unauthorized access to other OpenPages accounts. IBM X-Force ID: 262594. | Openpages_with_watson | 8.1 | ||
| 2024-01-19 | CVE-2023-40683 | IBM OpenPages with Watson 8.3 and 9.0 could allow remote attacker to bypass security restrictions, caused by insufficient authorization checks. By authenticating as an OpenPages user and using non-public APIs, an attacker could exploit this vulnerability to bypass security and gain unauthorized administrative access to the application. IBM X-Force ID: 264005. | Openpages_with_watson | 8.8 | ||
| 2024-09-10 | CVE-2024-27257 | IBM OpenPages 8.3 and 9.0 potentially exposes information about client-side source code through use of JavaScript source maps to unauthorized users. | Openpages_grc_platform, Openpages_with_watson | 4.3 | ||
| 2024-08-22 | CVE-2024-35151 | IBM OpenPages with Watson 8.3 and 9.0 could allow authenticated users access to sensitive information through improper authorization controls on APIs. | Openpages_grc_platform, Openpages_with_watson | 6.5 |