CVE-2024-35117 MEDIUM

CVE-2024-35117: IBM OpenPages with Watson information disclosure

Vendor Ibm
Product OpenPages with Watson
Weakness CWE-312 · Cleartext storage
Published December 11, 2024
Last update January 27, 2025

CVSS base score

4.4/10
Attack vector Network
Attack complexity High
Privileges required High
User interaction None
Confidentiality High
Integrity None

CVSS vector

CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:U/C:H/I:N/A:N

What the vulnerability does

01Description

IBM OpenPages with Watson 9.0 may write sensitive information, under specific configurations, in clear text to the system tracing log files that could be obtained by a privileged user.

Key dates

02Disclosure timeline

December 11, 2024 CVE published
January 27, 2025 Record updated