IBM OpenPages 9.0 is vulnerable to information disclosure of sensitive information due to a weaker than expected security for certain REST end points related to workflow feature of OpenPages. An authenticated user is able to obtain certain information about Workflow related configuration and internal state.
Metrics
Affected Vendors & Products
References
Link | Providers |
---|---|
https://www.ibm.com/support/pages/node/7239153 |
![]() ![]() |
History
Wed, 09 Jul 2025 16:15:00 +0000
Type | Values Removed | Values Added |
---|---|---|
Metrics |
ssvc
|
Wed, 09 Jul 2025 14:45:00 +0000
Type | Values Removed | Values Added |
---|---|---|
Description | IBM OpenPages 9.0 is vulnerable to information disclosure of sensitive information due to a weaker than expected security for certain REST end points related to workflow feature of OpenPages. An authenticated user is able to obtain certain information about Workflow related configuration and internal state. | |
Title | IBM OpenPages information disclosure | |
First Time appeared |
Ibm
Ibm openpages With Watson |
|
Weaknesses | CWE-497 | |
CPEs | cpe:2.3:a:ibm:openpages_with_watson:9.0:*:*:*:*:*:*:* | |
Vendors & Products |
Ibm
Ibm openpages With Watson |
|
References |
| |
Metrics |
cvssV3_1
|

Status: PUBLISHED
Assigner: ibm
Published: 2025-07-09T14:27:56.151Z
Updated: 2025-07-09T15:59:05.836Z
Reserved: 2025-03-22T13:41:35.288Z
Link: CVE-2025-2670

Updated: 2025-07-09T15:59:02.854Z

Status : Received
Published: 2025-07-09T15:15:24.370
Modified: 2025-07-09T15:15:24.370
Link: CVE-2025-2670

No data.