IBM OpenPages 9.0 is vulnerable to information disclosure of sensitive information due to a weaker than expected security for certain REST end points related to workflow feature of OpenPages. An authenticated user is able to obtain certain information about Workflow related configuration and internal state.
History

Wed, 09 Jul 2025 16:15:00 +0000

Type Values Removed Values Added
Metrics ssvc

{'options': {'Automatable': 'no', 'Exploitation': 'none', 'Technical Impact': 'partial'}, 'version': '2.0.3'}


Wed, 09 Jul 2025 14:45:00 +0000

Type Values Removed Values Added
Description IBM OpenPages 9.0 is vulnerable to information disclosure of sensitive information due to a weaker than expected security for certain REST end points related to workflow feature of OpenPages. An authenticated user is able to obtain certain information about Workflow related configuration and internal state.
Title IBM OpenPages information disclosure
First Time appeared Ibm
Ibm openpages With Watson
Weaknesses CWE-497
CPEs cpe:2.3:a:ibm:openpages_with_watson:9.0:*:*:*:*:*:*:*
Vendors & Products Ibm
Ibm openpages With Watson
References
Metrics cvssV3_1

{'score': 4.3, 'vector': 'CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N'}


cve-icon MITRE

Status: PUBLISHED

Assigner: ibm

Published: 2025-07-09T14:27:56.151Z

Updated: 2025-07-09T15:59:05.836Z

Reserved: 2025-03-22T13:41:35.288Z

Link: CVE-2025-2670

cve-icon Vulnrichment

Updated: 2025-07-09T15:59:02.854Z

cve-icon NVD

Status : Received

Published: 2025-07-09T15:15:24.370

Modified: 2025-07-09T15:15:24.370

Link: CVE-2025-2670

cve-icon Redhat

No data.