595 matches found
CVE-2023-38738
IBM OpenPages with Watson 8.3 and 9.0 could provide weaker than expected security in a OpenPages environment using Native authentication. If OpenPages is using Native authentication an attacker with access to the OpenPages database could through a series of specially crafted steps could exploit...
CVE-2023-38738
IBM OpenPages with Watson 8.3 and 9.0 could provide weaker than expected security in a OpenPages environment using Native authentication. If OpenPages is using Native authentication an attacker with access to the OpenPages database could through a series of specially crafted steps could exploit...
CVE-2023-40683
IBM OpenPages with Watson 8.3 and 9.0 could allow remote attacker to bypass security restrictions, caused by insufficient authorization checks. By authenticating as an OpenPages user and using non-public APIs, an attacker could exploit this vulnerability to bypass security and gain unauthorized...
CVE-2023-40683
IBM OpenPages with Watson 8.3 and 9.0 could allow remote attacker to bypass security restrictions, caused by insufficient authorization checks. By authenticating as an OpenPages user and using non-public APIs, an attacker could exploit this vulnerability to bypass security and gain unauthorized...
Authentication flaw
IBM OpenPages with Watson 8.3 and 9.0 could provide weaker than expected security in a OpenPages environment using Native authentication. If OpenPages is using Native authentication an attacker with access to the OpenPages database could through a series of specially crafted steps could exploit...
Authorization
IBM OpenPages with Watson 8.3 and 9.0 could allow remote attacker to bypass security restrictions, caused by insufficient authorization checks. By authenticating as an OpenPages user and using non-public APIs, an attacker could exploit this vulnerability to bypass security and gain unauthorized...
CVE-2023-40683 IBM OpenPages with Watson privilege escalation
IBM OpenPages with Watson 8.3 and 9.0 could allow remote attacker to bypass security restrictions, caused by insufficient authorization checks. By authenticating as an OpenPages user and using non-public APIs, an attacker could exploit this vulnerability to bypass security and gain unauthorized...
CVE-2023-40683
IBM OpenPages with Watson versions 8.3 and 9.0 are affected by CVE-2023-40683. The issue arises from insufficient authorization checks in API requests, enabling an attacker authenticated as an OpenPages user to bypass security and gain unauthorized administrative access. The documented remediatio...
CVE-2023-40683 IBM OpenPages with Watson privilege escalation
IBM OpenPages with Watson 8.3 and 9.0 could allow remote attacker to bypass security restrictions, caused by insufficient authorization checks. By authenticating as an OpenPages user and using non-public APIs, an attacker could exploit this vulnerability to bypass security and gain unauthorized...
CVE-2023-38738 IBM OpenPages with Watson information disclosure
IBM OpenPages with Watson 8.3 and 9.0 could provide weaker than expected security in a OpenPages environment using Native authentication. If OpenPages is using Native authentication an attacker with access to the OpenPages database could through a series of specially crafted steps could exploit...
CVE-2023-38738
CVE-2023-38738 affects IBM OpenPages with Watson versions 8.3 and 9.0, where Native authentication may yield weaker password security. Attacker with OpenPages DB access could potentially access other OpenPages accounts due to this weakness. IBM remediation is to switch password storage from symme...
CVE-2023-38738 IBM OpenPages with Watson information disclosure
IBM OpenPages with Watson 8.3 and 9.0 could provide weaker than expected security in a OpenPages environment using Native authentication. If OpenPages is using Native authentication an attacker with access to the OpenPages database could through a series of specially crafted steps could exploit...
IBM OpenPages with Watson Security Vulnerability
IBM OpenPages with Watson is an AI-powered financial risk analytics solution. The platform is based on AI technology to predict risk factors and minimize risk in financial activities by integrating, automatically identifying, measuring, monitoring, analyzing, and managing risk data through a numb...
IBM OpenPages with Watson Permission License and Access Control Issues Vulnerability
IBM OpenPages with Watson is an AI-powered financial risk analytics solution. The platform is based on AI technology to predict risk factors and minimize risks in financial activities by integrating, automating, measuring, monitoring, analyzing, and managing risk data through integration, automat...
PT-2024-12905 · Ibm · Ibm Openpages With Watson
Name of the Vulnerable Software and Affected Versions: IBM OpenPages with Watson versions 8.3 through 9.0 Description: The issue is caused by insufficient authorization checks, allowing a remote attacker to bypass security restrictions. By authenticating as an OpenPages user and using non-public...
PT-2024-12764 · Ibm · Ibm Openpages With Watson
Name of the Vulnerable Software and Affected Versions: IBM OpenPages with Watson versions 8.3 through 9.0 Description: The issue provides weaker than expected security in an OpenPages environment using Native authentication. An attacker with access to the OpenPages database could exploit this...
Security Bulletin: IBM OpenPages Is Vulnerable to Security Checks bypass (CVE-2023-40683)
Summary A vulnerability caused by insufficient authorization checks of API requests by an authorized user is addressed. Vulnerability Details CVEID:CVE-2023-40683 DESCRIPTION: IBM OpenPages could allow remote attacker to bypass security restrictions, caused by insufficient authorization checks. B...
Security Bulletin: Multiple AngularJS Vulerabilities Affects IBM OpenPages with Watson
Summary AngularJS library is used by IBM OpenPages. Multiple vulnerabilties are being disclosed from AngularJS within this bulletin. These vulnerabilities are addressed. Vulnerability Details CVEID:CVE-2023-26117 DESCRIPTION: AngularJS is vulnerable to a denial of service, caused by a regular...
Security Bulletin: IBM OpenPages Is Vulnerable to Privilege Escalation attack (CVE-2023-38738)
Summary IBM OpenPages with Watson is affected by unauthorized account access due to Native authentication method. This vulnerability is addressed. Vulnerability Details CVEID:CVE-2023-38738 DESCRIPTION: IBM OpenPages could provide weaker than expected security in a OpenPages environment using...
Security Bulletin: Multiple security vulnerabilities Affect IBM WebSphere Application Server Liberty shipped with IBM OpenPages
Summary IBM WebSphere Application Server Liberty is shipped as a supporting program of IBM OpenPages. Information about a security vulnerability affecting IBM WebSphere Application Server Liberty has been published in multiple security bulletins. These products have addressed the applicable CVEs...