CVE-2024-49784

MEDIUM EPSS 1.6%
Published Jul 8, 202512mo ago · Modified Jun 17, 20262w ago
6.5 CVSS 3.1
Medium
Find Similar
Published Jul 8, 2025 12mo ago
Last Modified Jun 17, 2026 2w ago

Description

IBM OpenPages with Watson 8.3 and 9.0 could provide weaker than expected security in storage of encrypted data with AES encryption and CBC mode. If an authenticated remote attacker with access to the database or a local attacker with access to server files could extract the encrypted data values they could exploit this weaker algorithm to use additional cryptographic methods to possibly extract the encrypted data.

CVSS Details

Base Score
6.5
Exploitability
2.8
Impact
3.6
Vector string
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
Attack Vector Network
Attack Complexity Low
Privileges Required Low
User Interaction None
Scope Unchanged
Confidentiality High
Integrity None
Availability None

Threat Intelligence

EPSS Exploit Probability
1.6% percentile
Exploit & Patch Status
No Known Exploit
Patch Available

Weaknesses 1

CWE-327

Affected Products 4

VendorProductVersionRange
ibmopenpages_with_watson*≥8.3  –  <8.3.0.3.1
ibmopenpages_with_watson*≥9.0  –  <9.0.0.5
linuxlinux_kernel*any
microsoftwindows*any

References 1

  • ibm.com https://www.ibm.com/support/pages/node/7239145
    PatchVendor Advisory

Remediation

  • ibm.com https://www.ibm.com/support/pages/node/7239145
    PatchVendor Advisory