← back
CVE-2024-49355

IBM OpenPages log manipulation

CVSS 5.3 MEDIUMEPSS 0.3%CWE-117
Vexday Risk Score
13Low
SSVC decision (CISA)
Track
No exploitation signal → monitor
CVSS 5.3EPSS 0.3%KEV nãoPoC Nuclei Metasploit Patch referenciado
Lifecycle
20 Feb 2025Published on NVD
Recommendation: Monitor — no exploitation signal at the moment.
IBM OpenPages with Watson 8.3 and 9.0 may write improperly neutralized data to server log files when the tracing is enabled per the System Tracing feature.
CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:N/I:H/A:N
Affected products
IBM · OpenPages with Watson

Want to know if your infrastructure is exposed to this?

Talk to TrueHacking →
References
https://www.ibm.com/support/pages/node/7183541