PT-2025-7428 · Ibm · Ibm Openpages With Watson

Published

2025-02-19

Updated

2025-03-11

CVE-2024-49355

CVSS v3.1

6.5

Medium

Vector

AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N

Name of the Vulnerable Software and Affected Versions IBM OpenPages with Watson versions 8.3 through 9.0

Description The issue allows IBM OpenPages with Watson to write improperly neutralized data to server log files when the tracing is enabled per the System Tracing feature.

Recommendations For versions 8.3 and 9.0, consider disabling the System Tracing feature until a patch is available to prevent improperly neutralized data from being written to server log files. At the moment, there is no information about a newer version that contains a fix for this vulnerability.

Improper Encoding or Escaping of Output

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-117CWE-116

Related Identifiers

BDU:2025-06817

CVE-2024-49355

Affected Products

Ibm Openpages With Watson

PT-2025-7428 · Ibm · Ibm Openpages With Watson

CVE-2024-49355

Weakness Enumeration

Related Identifiers

Affected Products

References · 8