CVE-2024-49779

Medium CVSS: 4.3

IBM OpenPages with Watson 8.3 and 9.0 IBM OpenPages

could allow a remote attacker to bypass security restrictions, caused by improper validation and management of authentication cookies. By modifying the CSRF token and Session Id cookie parameters using the cookies of another user, a remote attacker could exploit this vulnerability to bypass security restrictions and gain unauthorized access to the vulnerable application.

Vendor

Ibm

Product

Openpages With Watson

CWE

CWE-352

Yayın Tarihi

2025-02-20 12:15:10

Güncelleme

2025-03-11 13:55:21

Source Identifier

psirt@us.ibm.com

KEV Date Added

Kategoriler

CWE-352 Openpages With Watson MEDIUM Ibm 2025

Referanslar

https://www.ibm.com/support/pages/node/7183541

Benzer Kayıtlar

Medium

CVE-2025-13044

IBM Concert 1.0.0 through 2.2.0 creates temporary files with predictable names, which allows local users to overwrite ar…

Medium

CVE-2026-1243

IBM Content Navigator 3.0.15, 3.1.0, and 3.2.0 is vulnerable to cross-site scripting. This vulnerability allows an authe…

Low

CVE-2025-66487

IBM Aspera Shares 1.9.9 through 1.11.0 does not properly rate limit the frequency that an authenticated user can send em…

Medium

CVE-2025-66486

IBM Aspera Shares 1.9.9 through 1.11.0 is vulnerable to HTML injection. A remote attacker could inject malicious HTML co…

Medium

CVE-2025-66485

IBM Aspera Shares 1.9.9 through 1.11.0 is vulnerable to HTTP header injection, caused by improper validation of input by…

Medium

CVE-2025-66484

IBM Aspera Shares 1.9.9 through 1.11.0 is vulnerable to stored cross-site scripting. This vulnerability allows users to…