CVE-2025-1112 - Vulnerability Details - OpenCVE

IBM OpenPages with Watson 8.3 and 9.0 could allow an authenticated user to obtain sensitive information that should only be available to privileged users.

No CVSS v4.0

Attack Vector Network

Attack Complexity Low

Privileges Required Low

Scope Unchanged

Confidentiality Impact Low

Integrity Impact None

Availability Impact None

User Interaction None

No CVSS v3.0

No CVSS v2

This CVE is not in the KEV list.

Exploitation none

Automatable no

Technical Impact partial

Vendors	Products
Ibm	Openpages With Watson

No data.

No data.

References

Link	Providers
https://www.ibm.com/support/pages/node/7239151

History

Wed, 09 Jul 2025 16:15:00 +0000

Type	Values Removed	Values Added
Metrics		ssvc `{'options': {'Automatable': 'no', 'Exploitation': 'none', 'Technical Impact': 'partial'}, 'version': '2.0.3'}`

Wed, 09 Jul 2025 14:45:00 +0000

Type	Values Removed	Values Added
Description		IBM OpenPages with Watson 8.3 and 9.0 could allow an authenticated user to obtain sensitive information that should only be available to privileged users.
Title		IBM OpenPages with Watson information disclosure
First Time appeared		Ibm Ibm openpages With Watson
Weaknesses		CWE-282
CPEs		cpe:2.3:a:ibm:openpages_with_watson:8.3:::::::* cpe:2.3:a:ibm:openpages_with_watson:9.0:::::::*
Vendors & Products		Ibm Ibm openpages With Watson
References		https://www.ibm.com/support/pages/node/7239151
Metrics		cvssV3_1 `{'score': 4.3, 'vector': 'CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N'}`

MITRE

Status: PUBLISHED

Assigner: ibm

Published: 2025-07-09T14:33:12.453Z

Updated: 2025-07-09T15:58:33.379Z

Reserved: 2025-02-07T14:52:32.394Z

Link: CVE-2025-1112

Vulnrichment

Updated: 2025-07-09T15:58:29.677Z

NVD

Status : Received

Published: 2025-07-09T15:15:23.457

Modified: 2025-07-09T15:15:23.457

Link: CVE-2025-1112

Redhat

No data.

{"dataType": "CVE_RECORD", "dataVersion": "5.1", "cveMetadata": {"cveId": "CVE-2025-1112", "assignerOrgId": "9a959283-ebb5-44b6-b705-dcc2bbced522", "state": "PUBLISHED", "assignerShortName": "ibm", "dateReserved": "2025-02-07T14:52:32.394Z", "datePublished": "2025-07-09T14:33:12.453Z", "dateUpdated": "2025-07-09T15:58:33.379Z"}, "containers": {"cna": {"affected": [{"cpes": ["cpe:2.3:a:ibm:openpages_with_watson:8.3:*:*:*:*:*:*:*", "cpe:2.3:a:ibm:openpages_with_watson:9.0:*:*:*:*:*:*:*"], "defaultStatus": "unaffected", "product": "OpenPages with Watson", "vendor": "IBM", "versions": [{"status": "affected", "version": "8.3, 9.0"}]}], "descriptions": [{"lang": "en", "supportingMedia": [{"base64": false, "type": "text/html", "value": "IBM OpenPages with Watson 8.3 and 9.0 could allow an authenticated user to obtain sensitive information that should only be available to privileged users."}], "value": "IBM OpenPages with Watson 8.3 and 9.0 could allow an authenticated user to obtain sensitive information that should only be available to privileged users."}], "metrics": [{"cvssV3_1": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 4.3, "baseSeverity": "MEDIUM", "confidentialityImpact": "LOW", "integrityImpact": "NONE", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N", "version": "3.1"}, "format": "CVSS", "scenarios": [{"lang": "en", "value": "GENERAL"}]}], "problemTypes": [{"descriptions": [{"cweId": "CWE-282", "description": "CWE-282 Improper Ownership Management", "lang": "en", "type": "CWE"}]}], "providerMetadata": {"orgId": "9a959283-ebb5-44b6-b705-dcc2bbced522", "shortName": "ibm", "dateUpdated": "2025-07-09T14:33:12.453Z"}, "references": [{"tags": ["vendor-advisory"], "url": "https://www.ibm.com/support/pages/node/7239151"}], "solutions": [{"lang": "en", "supportingMedia": [{"base64": false, "type": "text/html", "value": "For IBM OpenPages 9.0 - Apply 9.0 FixPack 5 (9.0.0.5) or later - Then Apply 9.0.0.5 Interim Fix 3 (9.0.0.5.3)<br>Download URL for 9.0.0.5 - <a target=\"_blank\" rel=\"nofollow\" href=\"https://www.ibm.com/support/pages/ibm-openpages-90-fix-pack-5\">https://www.ibm.com/support/pages/ibm-openpages-90-fix-pack-5</a><br>Download URL for 9.0.0.5.3 - <a target=\"_blank\" rel=\"nofollow\" href=\"https://www.ibm.com/support/pages/ibm-openpages-9005-interim-fix-3\">https://www.ibm.com/support/pages/ibm-openpages-9005-interim-fix-3</a><br><br>For IBM OpenPages 8.3 - Apply 8.3 FixPack 3 (8.3.0.3) - Then Apply 8.3.0.3 Interim Fix 2 (8.3.0.3.2)<br>Download URL for 8.3.0.3 - <a target=\"_blank\" rel=\"nofollow\" href=\"https://www.ibm.com/support/pages/openpages-watson-83-fix-pack-3\">https://www.ibm.com/support/pages/openpages-watson-83-fix-pack-3</a><br>Download URL for 8.3.0.3.2 - <a target=\"_blank\" rel=\"nofollow\" href=\"https://www.ibm.com/support/pages/ibm-openpages-8303-interim-fix-2\">https://www.ibm.com/support/pages/ibm-openpages-8303-interim-fix-2</a><br><br>For IBM OpenPages v8.0/8.1/8.2 customers, IBM recommends to upgrade to a fixed and supported version 8.3 or 9.0 of the product."}], "value": "For IBM OpenPages 9.0\u00a0- Apply 9.0 FixPack 5 (9.0.0.5) or later - Then Apply 9.0.0.5 Interim Fix 3 (9.0.0.5.3)\nDownload URL for 9.0.0.5 -\u00a0 https://www.ibm.com/support/pages/ibm-openpages-90-fix-pack-5 \nDownload URL for 9.0.0.5.3 -\u00a0 https://www.ibm.com/support/pages/ibm-openpages-9005-interim-fix-3 \n\nFor IBM OpenPages 8.3\u00a0- Apply 8.3 FixPack 3 (8.3.0.3)\u00a0- Then Apply 8.3.0.3 Interim Fix 2 (8.3.0.3.2)\nDownload URL for 8.3.0.3 -\u00a0 https://www.ibm.com/support/pages/openpages-watson-83-fix-pack-3 \nDownload URL for 8.3.0.3.2 -\u00a0 https://www.ibm.com/support/pages/ibm-openpages-8303-interim-fix-2 \n\nFor IBM OpenPages v8.0/8.1/8.2 customers, IBM recommends to upgrade to a fixed and supported version 8.3 or 9.0 of the product."}], "source": {"discovery": "UNKNOWN"}, "title": "IBM OpenPages with Watson information disclosure", "x_generator": {"engine": "Vulnogram 0.2.0"}}, "adp": [{"metrics": [{"other": {"type": "ssvc", "content": {"timestamp": "2025-07-09T15:58:25.739195Z", "id": "CVE-2025-1112", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "partial"}], "role": "CISA Coordinator", "version": "2.0.3"}}}], "title": "CISA ADP Vulnrichment", "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2025-07-09T15:58:33.379Z"}}]}}

{"dataType": "CVE_RECORD", "containers": {"adp": [{"title": "CISA ADP Vulnrichment", "metrics": [{"other": {"type": "ssvc", "content": {"id": "CVE-2025-1112", "role": "CISA Coordinator", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "partial"}], "version": "2.0.3", "timestamp": "2025-07-09T15:58:25.739195Z"}}}], "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2025-07-09T15:58:29.677Z"}}], "cna": {"title": "IBM OpenPages with Watson information disclosure", "source": {"discovery": "UNKNOWN"}, "metrics": [{"format": "CVSS", "cvssV3_1": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 4.3, "attackVector": "NETWORK", "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N", "integrityImpact": "NONE", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "NONE", "privilegesRequired": "LOW", "confidentialityImpact": "LOW"}, "scenarios": [{"lang": "en", "value": "GENERAL"}]}], "affected": [{"cpes": ["cpe:2.3:a:ibm:openpages_with_watson:8.3:*:*:*:*:*:*:*", "cpe:2.3:a:ibm:openpages_with_watson:9.0:*:*:*:*:*:*:*"], "vendor": "IBM", "product": "OpenPages with Watson", "versions": [{"status": "affected", "version": "8.3, 9.0"}], "defaultStatus": "unaffected"}], "solutions": [{"lang": "en", "value": "For IBM OpenPages 9.0\u00a0- Apply 9.0 FixPack 5 (9.0.0.5) or later - Then Apply 9.0.0.5 Interim Fix 3 (9.0.0.5.3)\nDownload URL for 9.0.0.5 -\u00a0 https://www.ibm.com/support/pages/ibm-openpages-90-fix-pack-5 \nDownload URL for 9.0.0.5.3 -\u00a0 https://www.ibm.com/support/pages/ibm-openpages-9005-interim-fix-3 \n\nFor IBM OpenPages 8.3\u00a0- Apply 8.3 FixPack 3 (8.3.0.3)\u00a0- Then Apply 8.3.0.3 Interim Fix 2 (8.3.0.3.2)\nDownload URL for 8.3.0.3 -\u00a0 https://www.ibm.com/support/pages/openpages-watson-83-fix-pack-3 \nDownload URL for 8.3.0.3.2 -\u00a0 https://www.ibm.com/support/pages/ibm-openpages-8303-interim-fix-2 \n\nFor IBM OpenPages v8.0/8.1/8.2 customers, IBM recommends to upgrade to a fixed and supported version 8.3 or 9.0 of the product.", "supportingMedia": [{"type": "text/html", "value": "For IBM OpenPages 9.0 - Apply 9.0 FixPack 5 (9.0.0.5) or later - Then Apply 9.0.0.5 Interim Fix 3 (9.0.0.5.3)<br>Download URL for 9.0.0.5 - <a target=\"_blank\" rel=\"nofollow\" href=\"https://www.ibm.com/support/pages/ibm-openpages-90-fix-pack-5\">https://www.ibm.com/support/pages/ibm-openpages-90-fix-pack-5</a><br>Download URL for 9.0.0.5.3 - <a target=\"_blank\" rel=\"nofollow\" href=\"https://www.ibm.com/support/pages/ibm-openpages-9005-interim-fix-3\">https://www.ibm.com/support/pages/ibm-openpages-9005-interim-fix-3</a><br><br>For IBM OpenPages 8.3 - Apply 8.3 FixPack 3 (8.3.0.3) - Then Apply 8.3.0.3 Interim Fix 2 (8.3.0.3.2)<br>Download URL for 8.3.0.3 - <a target=\"_blank\" rel=\"nofollow\" href=\"https://www.ibm.com/support/pages/openpages-watson-83-fix-pack-3\">https://www.ibm.com/support/pages/openpages-watson-83-fix-pack-3</a><br>Download URL for 8.3.0.3.2 - <a target=\"_blank\" rel=\"nofollow\" href=\"https://www.ibm.com/support/pages/ibm-openpages-8303-interim-fix-2\">https://www.ibm.com/support/pages/ibm-openpages-8303-interim-fix-2</a><br><br>For IBM OpenPages v8.0/8.1/8.2 customers, IBM recommends to upgrade to a fixed and supported version 8.3 or 9.0 of the product.", "base64": false}]}], "references": [{"url": "https://www.ibm.com/support/pages/node/7239151", "tags": ["vendor-advisory"]}], "x_generator": {"engine": "Vulnogram 0.2.0"}, "descriptions": [{"lang": "en", "value": "IBM OpenPages with Watson 8.3 and 9.0 could allow an authenticated user to obtain sensitive information that should only be available to privileged users.", "supportingMedia": [{"type": "text/html", "value": "IBM OpenPages with Watson 8.3 and 9.0 could allow an authenticated user to obtain sensitive information that should only be available to privileged users.", "base64": false}]}], "problemTypes": [{"descriptions": [{"lang": "en", "type": "CWE", "cweId": "CWE-282", "description": "CWE-282 Improper Ownership Management"}]}], "providerMetadata": {"orgId": "9a959283-ebb5-44b6-b705-dcc2bbced522", "shortName": "ibm", "dateUpdated": "2025-07-09T14:33:12.453Z"}}}, "cveMetadata": {"cveId": "CVE-2025-1112", "state": "PUBLISHED", "dateUpdated": "2025-07-09T15:58:33.379Z", "dateReserved": "2025-02-07T14:52:32.394Z", "assignerOrgId": "9a959283-ebb5-44b6-b705-dcc2bbced522", "datePublished": "2025-07-09T14:33:12.453Z", "assignerShortName": "ibm"}, "dataVersion": "5.1"}