CVE-2024-49784
MEDIUM EPSS 1.6%
Published Jul 8, 202512mo ago · Modified Jun 17, 20262w ago
6.5 CVSS 3.1
Published Jul 8, 2025 12mo ago
Last Modified Jun 17, 2026 2w ago
Description
IBM OpenPages with Watson 8.3 and 9.0 could provide weaker than expected security in storage of encrypted data with AES encryption and CBC mode. If an authenticated remote attacker with access to the database or a local attacker with access to server files could extract the encrypted data values they could exploit this weaker algorithm to use additional cryptographic methods to possibly extract the encrypted data.
CVSS Details
Base Score
Exploitability
Impact
Vector string
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N Attack Vector Network
Attack Complexity Low
Privileges Required Low
User Interaction None
Scope Unchanged
Confidentiality High
Integrity None
Availability None
Threat Intelligence
EPSS Exploit Probability
1.6% percentile
Exploit & Patch Status
No Known Exploit
Patch Available
Weaknesses 1
CWE-327
Affected Products 4
References 1
- ibm.com https://www.ibm.com/support/pages/node/7239145
Remediation
- ibm.com https://www.ibm.com/support/pages/node/7239145