Ibm Openpages With Watson — known CVE vulnerabilities
Every CVE whose affected-product data names Ibm Openpages With Watson, ordered by CVSS severity, with EPSS exploit prediction and CISA KEV status.
CVEs (22)
CVE-2021-29907 — CVSS 8.8 (high): IBM OpenPages with Watson 8.1 and 8.2 could allow an authenticated user to upload a file that could execute arbitrary code on the system…
CVE-2023-40683 — CVSS 8.8 (high): IBM OpenPages with Watson 8.3 and 9.0 could allow remote attacker to bypass security restrictions, caused by insufficient authorization…
CVE-2024-49781 — CVSS 7.1 (high): IBM OpenPages with Watson 8.3 and 9.0 IBM OpenPages is vulnerable to an XML external entity injection (XXE) attack when processing XML…
CVE-2024-49782 — CVSS 6.8 (medium): IBM OpenPages with Watson 8.3 and 9.0 could allow a remote attacker to spoof mail server identity when using SSL/TLS security. An attacker…
CVE-2023-38738 — CVSS 6.8 (medium): IBM OpenPages with Watson 8.3 and 9.0 could provide weaker than expected security in a OpenPages environment using Native authentication…
CVE-2024-35151 — CVSS 6.5 (medium): IBM OpenPages with Watson 8.3 and 9.0 could allow authenticated users access to sensitive information through improper authorization…
CVE-2023-43039 — CVSS 6.1 (medium): IBM OpenPages with Watson 9.0 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in…
CVE-2024-49337 — CVSS 5.4 (medium): IBM OpenPages with Watson 8.3 and 9.0 IBM OpenPages is vulnerable to HTML injection, caused by improper validation of user-supplied input…
CVE-2024-37527 — CVSS 5.4 (medium): IBM OpenPages with Watson 8.3 and 9.0 is vulnerable to cross-site scripting. This vulnerability allows an authenticated user to embed…
CVE-2024-43176 — CVSS 5.4 (medium): IBM OpenPages 9.0 could allow an authenticated user to obtain sensitive information such as configurations that should only be available to…
CVE-2025-27367 — CVSS 5.3 (medium): IBM OpenPages with Watson 8.3 and 9.0 is vulnerable to improper input validation due to bypassing of client-side validation for the data…
CVE-2024-49784 — CVSS 5.3 (medium): IBM OpenPages with Watson 8.3 and 9.0 could provide weaker than expected security in storage of encrypted data with AES encryption and CBC…
CVE-2024-49355 — CVSS 5.3 (medium): IBM OpenPages with Watson 8.3 and 9.0 may write improperly neutralized data to server log files when the tracing is enabled per the System…
CVE-2024-49783 — CVSS 5.3 (medium): IBM OpenPages with Watson 8.3 and 9.0 could provide weaker than expected security in storage of encrypted data. If an authenticated remote…
CVE-2024-49780 — CVSS 5.3 (medium): IBM OpenPages with Watson 8.3 and 9.0 IBM OpenPages could allow a remote attacker to traverse directories on the system. An attacker with…
CVE-2024-35117 — CVSS 4.4 (medium): IBM OpenPages with Watson 9.0 may write sensitive information, under specific configurations, in clear text to the system tracing log files…
CVE-2025-27369 — CVSS 4.3 (medium): IBM OpenPages with Watson 8.3 and 9.0 is vulnerable to information disclosure of sensitive information due to a weaker than expected…
CVE-2024-27257 — CVSS 4.3 (medium): IBM OpenPages 8.3 and 9.0 potentially exposes information about client-side source code through use of JavaScript source maps to…
CVE-2024-43196 — CVSS 4.3 (medium): IBM OpenPages with Watson 8.3 and 9.0 application could allow an authenticated user to manipulate data in the Questionnaires application…
CVE-2024-49344 — CVSS 4.3 (medium): IBM OpenPages with Watson 8.3 and 9.0 IBM OpenPages with Watson Assistant chat feature enabled the application establishes a session when a…
CVE-2024-49779 — CVSS 4.3 (medium): IBM OpenPages with Watson 8.3 and 9.0 IBM OpenPages could allow a remote attacker to bypass security restrictions, caused by improper…
CVE-2025-1112 — CVSS 4.3 (medium): IBM OpenPages with Watson 8.3 and 9.0 could allow an authenticated user to obtain sensitive information that should only be available to…