CVE-2024-49783

Name of the Vulnerable Software and Affected Versions: IBM OpenPages with Watson versions 8.3 through 9.0

Description: The issue provides weaker than expected security in the storage of encrypted data. An authenticated remote attacker with access to the database or a local attacker with access to server files could extract the encrypted data and exploit this to use additional cryptographic methods to possibly extract the encrypted data.

Recommendations: For IBM OpenPages with Watson versions 8.3 and 9.0, consider restricting access to the database and server files to minimize the risk of exploitation. As a temporary workaround, consider implementing additional cryptographic methods to further secure the encrypted data until a patch is available. At the moment, there is no information about a newer version that contains a fix for this vulnerability.