Ibm: Security Vulnerabilities
IBM Analytics Content Hub 2.0, 2.1, 2.2, and 2.3 could allow a remote attacker to obtain information about the application framework which could be used in reconnaissance to gather information for future attacks from a detailed technical error message.
CVSS Score
4.3
EPSS Score
0.0
Published
2025-07-10
IBM Analytics Content Hub 2.0, 2.1, 2.2, and 2.3 is vulnerable to information exposure and further attacks due to an exposed JavaScript source map which could assist an attacker to read and debug JavaScript used in the application's API.
CVSS Score
6.8
EPSS Score
0.0
Published
2025-07-10
IBM Analytics Content Hub 2.0, 2.1, 2.2, and 2.3 could allow a remote attacker to obtain sensitive information when a detailed technical error message is returned in the browser.
CVSS Score
5.3
EPSS Score
0.0
Published
2025-07-10
IBM OpenPages 9.0 is vulnerable to information disclosure of sensitive information due to a weaker than expected security for certain REST end points related to workflow feature of OpenPages. An authenticated user is able to obtain certain information about Workflow related configuration and internal state.
CVSS Score
4.3
EPSS Score
0.0
Published
2025-07-09
IBM OpenPages with Watson 8.3 and 9.0 could allow an authenticated user to obtain sensitive information that should only be available to privileged users.
CVSS Score
4.3
EPSS Score
0.0
Published
2025-07-09
IBM InfoSphere Data Replication VSAM for z/OS Remote Source 11.4 could allow a remote user to cause a denial of service by sending an invalid HTTP request to the log reading service.
CVSS Score
7.5
EPSS Score
0.001
Published
2025-07-08
IBM OpenPages with Watson 8.3 and 9.0
is vulnerable to information disclosure of sensitive information due to a weaker than expected security for certain REST end points used for the administration of OpenPages. An authenticated user is able to obtain certain information about system configuration and internal state which is only intended for administrators of the system.
CVSS Score
4.3
EPSS Score
0.0
Published
2025-07-08
IBM OpenPages with Watson 8.3 and 9.0
is vulnerable to improper input validation due to bypassing of client-side validation for the data types and requiredness of fields for GRC Objects when an authenticated user sends a specially crafted payload to the server allowing for data to be saved without storing the required fields.
CVSS Score
5.3
EPSS Score
0.0
Published
2025-07-08
IBM OpenPages with Watson 8.3 and 9.0
could provide weaker than expected security in storage of encrypted data with AES encryption and CBC mode. If an authenticated remote attacker with access to the database or a local attacker with access to server files could extract the encrypted data values they could exploit this weaker algorithm to use additional cryptographic methods to possibly extract the encrypted data.
CVSS Score
5.3
EPSS Score
0.0
Published
2025-07-08
IBM OpenPages with Watson 8.3 and 9.0
could provide weaker than expected security in storage of encrypted data. If an authenticated remote attacker with access to the database or a local attacker with access to server files could extract the encrypted data, they could exploit this vulnerability to use additional cryptographic methods to possibly extract the encrypted data.
CVSS Score
5.3
EPSS Score
0.0
Published
2025-07-08