CVE-2024-35117

CWE-312Cleartext Storage of Sensitive Info3 documents3 sources
Severity
4.4MEDIUM
EPSS
0.1%
top 79.41%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
1
IBM Openpages With Watson
Timeline
PublishedDec 11

Description

IBM OpenPages with Watson 9.0 may write sensitive information, under specific configurations, in clear text to the system tracing log files that could be obtained by a privileged user.

CVSS vector

CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:U/C:H/I:N/A:NExploitability: 0.7 | Impact: 3.6

Affected Packages2 packages

NVDibm/openpages_with_watson9.09.0.0.2

🔴Vulnerability Details

2
CVEList
IBM OpenPages with Watson information disclosure2024-12-11
GHSA
GHSA-5hgv-m339-hwv4: IBM OpenPages with Watson 92024-12-11
CVE-2024-35117 (MEDIUM CVSS 4.4) | IBM OpenPages with Watson 9.0 may w | cvebase.io