CVE-2023-38738

Name of the Vulnerable Software and Affected Versions IBM OpenPages with Watson versions 8.3 through 9.0

Description The issue provides weaker than expected security in an OpenPages environment using Native authentication. An attacker with access to the OpenPages database could exploit this weakness through a series of specially crafted steps and gain unauthorized access to other OpenPages accounts.

Recommendations For versions 8.3 and 9.0, consider disabling Native authentication until a patch is available to prevent unauthorized access. Restrict access to the OpenPages database to minimize the risk of exploitation. As a temporary workaround, limit the use of OpenPages accounts to essential tasks only until the issue is resolved. At the moment, there is no information about a newer version that contains a fix for this vulnerability.