CVE-2024-43196Improper Following of a Certificate's Chain of Trust in IBM Openpages With Watson

CWE-296Improper Following of a Certificate's Chain of Trust3 documents3 sources
Severity
4.3MEDIUMNVD
EPSS
0.1%
top 71.72%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
1
IBM Openpages With Watson
Timeline
PublishedFeb 20

Description

IBM OpenPages with Watson 8.3 and 9.0 application could allow an authenticated user to manipulate data in the Questionnaires application allowing the user to spoof other users' responses.

CVSS vector

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:NExploitability: 2.8 | Impact: 1.4

Affected Packages2 packages

NVDibm/openpages_with_watson8.38.3.0.3+1
CVEListV5ibm/openpages_with_watson8.3, 9.0

🔴Vulnerability Details

2
GHSA
GHSA-jr7q-wmwf-2vf7: IBM OpenPages with Watson 82025-02-20
CVEList
IBM OpenPages data manipulation2025-02-20
CVE-2024-43196 — IBM vulnerability | cvebase