CVE-2025-27367
published 2025-07-08CVE-2025-27367: IBM OpenPages with Watson 8.3 and 9.0 is vulnerable to improper input validation due to bypassing of client-side validation for the data types and requiredness…
medium6.5CVSS 3.1
AVNACLPRLUINSUCNIHAN
IBM OpenPages with Watson 8.3 and 9.0
is vulnerable to improper input validation due to bypassing of client-side validation for the data types and requiredness of fields for GRC Objects when an authenticated user sends a specially crafted payload to the server allowing for data to be saved without storing the required fields.
Affected
5 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| ibm | openpages_with_watson | — | — |
| ibm | openpages_with_watson | — | — |
| ibm | openpages_with_watson | >= 8.3 < 8.3.0.3.2 | 8.3.0.3.2 |
| ibm | openpages_with_watson | >= 9.0 < 9.0.0.5.3 | 9.0.0.5.3 |
| msrc | cbl2_bolt_on_cbl_mariner_2.0 | — | — |