PT-2024-26324 · Ibm · Ibm Openpages With Watson
Warren Lucas
·
Published
2024-12-11
·
Updated
2024-12-11
·
CVE-2024-35117
CVSS v3.1
4.4
Medium
| Vector | AV:N/AC:H/PR:H/UI:N/S:U/C:H/I:N/A:N |
Name of the Vulnerable Software and Affected Versions
IBM OpenPages with Watson version 9.0
Description
The issue allows sensitive information to be written in clear text to the system tracing log files under specific configurations. This information could be obtained by a privileged user.
Recommendations
For IBM OpenPages with Watson version 9.0, consider restricting access to the system tracing log files to minimize the risk of sensitive information exposure until a fix is available.
Fix
Cleartext Storage of Sensitive Information
Found an issue in the description? Have something to add? Feel free to write us 👾
Weakness Enumeration
Related Identifiers
Affected Products
Ibm Openpages With Watson