CVE-2024-43176

CWE-282 CWE-276 — Incorrect Default Permissions3 documents3 sources

Severity

5.4MEDIUM

EPSS

0.1%

top 73.87%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

IBM Openpages IBM Openpages With Watson

Timeline

PublishedJan 9

Description

IBM OpenPages 9.0 could allow an authenticated user to obtain sensitive information such as configurations that should only be available to privileged users.

CVSS vector

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:NExploitability: 2.8 | Impact: 2.5

Affected Packages2 packages

▶CVEListV5ibm/openpages9.0

▶NVDibm/openpages_with_watson9.0

🔴Vulnerability Details

GHSA

GHSA-f7vw-gj5c-49gc: IBM OpenPages 9↗2025-01-09

▶

CVEList

IBM OpenPages information disclosure↗2025-01-09

▶