{"dataType": "CVE_RECORD", "dataVersion": "5.1", "cveMetadata": {"cveId": "CVE-2025-27369", "assignerOrgId": "9a959283-ebb5-44b6-b705-dcc2bbced522", "state": "PUBLISHED", "assignerShortName": "ibm", "dateReserved": "2025-02-22T15:25:27.069Z", "datePublished": "2025-07-08T18:43:15.373Z", "dateUpdated": "2025-07-08T19:03:39.661Z"}, "containers": {"cna": {"affected": [{"cpes": ["cpe:2.3:a:ibm:openpages_with_watson:8.3:*:*:*:*:*:*:*", "cpe:2.3:a:ibm:openpages_with_watson:9.0:*:*:*:*:*:*:*"], "defaultStatus": "unaffected", "product": "OpenPages with Watson", "vendor": "IBM", "versions": [{"status": "affected", "version": "8.3, 9.0"}]}], "descriptions": [{"lang": "en", "supportingMedia": [{"base64": false, "type": "text/html", "value": "IBM OpenPages with Watson 8.3 and 9.0 \n\n<span style=\"background-color: rgb(255, 255, 255);\">\n\n<span style=\"background-color: rgb(255, 255, 255);\">\n\n<span style=\"background-color: rgb(255, 255, 255);\">\n\n<span style=\"background-color: rgb(255, 255, 255);\">is vulnerable to information disclosure of sensitive information due to a weaker than expected security for certain REST end points used for the administration of OpenPages. An authenticated user is able to obtain certain information about system configuration and internal state which is only intended for administrators of the system.</span>\n\n</span>\n\n</span>\n\n</span>"}], "value": "IBM OpenPages with Watson 8.3 and 9.0 \n\n\n\n\n\n\n\nis vulnerable to information disclosure of sensitive information due to a weaker than expected security for certain REST end points used for the administration of OpenPages. An authenticated user is able to obtain certain information about system configuration and internal state which is only intended for administrators of the system."}], "metrics": [{"cvssV3_1": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 4.3, "baseSeverity": "MEDIUM", "confidentialityImpact": "LOW", "integrityImpact": "NONE", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N", "version": "3.1"}, "format": "CVSS", "scenarios": [{"lang": "en", "value": "GENERAL"}]}], "problemTypes": [{"descriptions": [{"cweId": "CWE-497", "description": "CWE-497 Exposure of Sensitive System Information to an Unauthorized Control Sphere", "lang": "en", "type": "CWE"}]}], "providerMetadata": {"orgId": "9a959283-ebb5-44b6-b705-dcc2bbced522", "shortName": "ibm", "dateUpdated": "2025-07-08T18:43:15.373Z"}, "references": [{"tags": ["vendor-advisory"], "url": "https://www.ibm.com/support/pages/node/7239155"}], "solutions": [{"lang": "en", "supportingMedia": [{"base64": false, "type": "text/html", "value": "For IBM OpenPages 9.0 - Apply 9.0 FixPack 5 (9.0.0.5) - Then Apply 9.0.0.5 Interim Fix 3 (9.0.0.5.3)<br>Download URL for 9.0.0.5 -&nbsp;<a target=\"_blank\" rel=\"nofollow\" href=\"https://www.ibm.com/support/pages/ibm-openpages-90-fix-pack-5\">https://www.ibm.com/support/pages/ibm-openpages-90-fix-pack-5</a><br>Download URL for 9.0.0.5.3 -&nbsp;<a target=\"_blank\" rel=\"nofollow\" href=\"https://www.ibm.com/support/pages/ibm-openpages-9005-interim-fix-3\">https://www.ibm.com/support/pages/ibm-openpages-9005-interim-fix-3</a><br><br>For IBM OpenPages 8.3 - Apply 8.3 FixPack 3 (8.3.0.3) - Then Apply 8.3.0.3 Interim Fix 2 (8.3.0.3.2)<br>Download URL for 8.3.0.3 -&nbsp;<a target=\"_blank\" rel=\"nofollow\" href=\"https://www.ibm.com/support/pages/openpages-watson-83-fix-pack-3\">https://www.ibm.com/support/pages/openpages-watson-83-fix-pack-3</a><br>Download URL for 8.3.0.3.2 -&nbsp;<a target=\"_blank\" rel=\"nofollow\" href=\"https://www.ibm.com/support/pages/ibm-openpages-8303-interim-fix-2\">https://www.ibm.com/support/pages/ibm-openpages-8303-interim-fix-2</a>"}], "value": "For IBM OpenPages 9.0 - Apply 9.0 FixPack 5 (9.0.0.5) - Then Apply 9.0.0.5 Interim Fix 3 (9.0.0.5.3)\nDownload URL for 9.0.0.5 -\u00a0 https://www.ibm.com/support/pages/ibm-openpages-90-fix-pack-5 \nDownload URL for 9.0.0.5.3 -\u00a0 https://www.ibm.com/support/pages/ibm-openpages-9005-interim-fix-3 \n\nFor IBM OpenPages 8.3 - Apply 8.3 FixPack 3 (8.3.0.3) - Then Apply 8.3.0.3 Interim Fix 2 (8.3.0.3.2)\nDownload URL for 8.3.0.3 -\u00a0 https://www.ibm.com/support/pages/openpages-watson-83-fix-pack-3 \nDownload URL for 8.3.0.3.2 -\u00a0 https://www.ibm.com/support/pages/ibm-openpages-8303-interim-fix-2"}], "source": {"discovery": "UNKNOWN"}, "title": "IBM OpenPages with Watson information disclosure", "x_generator": {"engine": "Vulnogram 0.2.0"}}, "adp": [{"metrics": [{"other": {"type": "ssvc", "content": {"timestamp": "2025-07-08T19:03:30.574258Z", "id": "CVE-2025-27369", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "partial"}], "role": "CISA Coordinator", "version": "2.0.3"}}}], "title": "CISA ADP Vulnrichment", "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2025-07-08T19:03:39.661Z"}}]}}

{"dataType": "CVE_RECORD", "containers": {"adp": [{"title": "CISA ADP Vulnrichment", "metrics": [{"other": {"type": "ssvc", "content": {"id": "CVE-2025-27369", "role": "CISA Coordinator", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "partial"}], "version": "2.0.3", "timestamp": "2025-07-08T19:03:30.574258Z"}}}], "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2025-07-08T19:03:32.942Z"}}], "cna": {"title": "IBM OpenPages with Watson information disclosure", "source": {"discovery": "UNKNOWN"}, "metrics": [{"format": "CVSS", "cvssV3_1": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 4.3, "attackVector": "NETWORK", "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N", "integrityImpact": "NONE", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "NONE", "privilegesRequired": "LOW", "confidentialityImpact": "LOW"}, "scenarios": [{"lang": "en", "value": "GENERAL"}]}], "affected": [{"cpes": ["cpe:2.3:a:ibm:openpages_with_watson:8.3:*:*:*:*:*:*:*", "cpe:2.3:a:ibm:openpages_with_watson:9.0:*:*:*:*:*:*:*"], "vendor": "IBM", "product": "OpenPages with Watson", "versions": [{"status": "affected", "version": "8.3, 9.0"}], "defaultStatus": "unaffected"}], "solutions": [{"lang": "en", "value": "For IBM OpenPages 9.0 - Apply 9.0 FixPack 5 (9.0.0.5) - Then Apply 9.0.0.5 Interim Fix 3 (9.0.0.5.3)\nDownload URL for 9.0.0.5 -\u00a0 https://www.ibm.com/support/pages/ibm-openpages-90-fix-pack-5 \nDownload URL for 9.0.0.5.3 -\u00a0 https://www.ibm.com/support/pages/ibm-openpages-9005-interim-fix-3 \n\nFor IBM OpenPages 8.3 - Apply 8.3 FixPack 3 (8.3.0.3) - Then Apply 8.3.0.3 Interim Fix 2 (8.3.0.3.2)\nDownload URL for 8.3.0.3 -\u00a0 https://www.ibm.com/support/pages/openpages-watson-83-fix-pack-3 \nDownload URL for 8.3.0.3.2 -\u00a0 https://www.ibm.com/support/pages/ibm-openpages-8303-interim-fix-2", "supportingMedia": [{"type": "text/html", "value": "For IBM OpenPages 9.0 - Apply 9.0 FixPack 5 (9.0.0.5) - Then Apply 9.0.0.5 Interim Fix 3 (9.0.0.5.3)<br>Download URL for 9.0.0.5 -&nbsp;<a target=\"_blank\" rel=\"nofollow\" href=\"https://www.ibm.com/support/pages/ibm-openpages-90-fix-pack-5\">https://www.ibm.com/support/pages/ibm-openpages-90-fix-pack-5</a><br>Download URL for 9.0.0.5.3 -&nbsp;<a target=\"_blank\" rel=\"nofollow\" href=\"https://www.ibm.com/support/pages/ibm-openpages-9005-interim-fix-3\">https://www.ibm.com/support/pages/ibm-openpages-9005-interim-fix-3</a><br><br>For IBM OpenPages 8.3 - Apply 8.3 FixPack 3 (8.3.0.3) - Then Apply 8.3.0.3 Interim Fix 2 (8.3.0.3.2)<br>Download URL for 8.3.0.3 -&nbsp;<a target=\"_blank\" rel=\"nofollow\" href=\"https://www.ibm.com/support/pages/openpages-watson-83-fix-pack-3\">https://www.ibm.com/support/pages/openpages-watson-83-fix-pack-3</a><br>Download URL for 8.3.0.3.2 -&nbsp;<a target=\"_blank\" rel=\"nofollow\" href=\"https://www.ibm.com/support/pages/ibm-openpages-8303-interim-fix-2\">https://www.ibm.com/support/pages/ibm-openpages-8303-interim-fix-2</a>", "base64": false}]}], "references": [{"url": "https://www.ibm.com/support/pages/node/7239155", "tags": ["vendor-advisory"]}], "x_generator": {"engine": "Vulnogram 0.2.0"}, "descriptions": [{"lang": "en", "value": "IBM OpenPages with Watson 8.3 and 9.0 \n\n\n\n\n\n\n\nis vulnerable to information disclosure of sensitive information due to a weaker than expected security for certain REST end points used for the administration of OpenPages. An authenticated user is able to obtain certain information about system configuration and internal state which is only intended for administrators of the system.", "supportingMedia": [{"type": "text/html", "value": "IBM OpenPages with Watson 8.3 and 9.0 \n\n<span style=\"background-color: rgb(255, 255, 255);\">\n\n<span style=\"background-color: rgb(255, 255, 255);\">\n\n<span style=\"background-color: rgb(255, 255, 255);\">\n\n<span style=\"background-color: rgb(255, 255, 255);\">is vulnerable to information disclosure of sensitive information due to a weaker than expected security for certain REST end points used for the administration of OpenPages. An authenticated user is able to obtain certain information about system configuration and internal state which is only intended for administrators of the system.</span>\n\n</span>\n\n</span>\n\n</span>", "base64": false}]}], "problemTypes": [{"descriptions": [{"lang": "en", "type": "CWE", "cweId": "CWE-497", "description": "CWE-497 Exposure of Sensitive System Information to an Unauthorized Control Sphere"}]}], "providerMetadata": {"orgId": "9a959283-ebb5-44b6-b705-dcc2bbced522", "shortName": "ibm", "dateUpdated": "2025-07-08T18:43:15.373Z"}}}, "cveMetadata": {"cveId": "CVE-2025-27369", "state": "PUBLISHED", "dateUpdated": "2025-07-08T19:03:39.661Z", "dateReserved": "2025-02-22T15:25:27.069Z", "assignerOrgId": "9a959283-ebb5-44b6-b705-dcc2bbced522", "datePublished": "2025-07-08T18:43:15.373Z", "assignerShortName": "ibm"}, "dataVersion": "5.1"}

{"cveTags": [], "descriptions": [{"lang": "en", "value": "IBM OpenPages with Watson 8.3 and 9.0 \n\n\n\n\n\n\n\nis vulnerable to information disclosure of sensitive information due to a weaker than expected security for certain REST end points used for the administration of OpenPages. An authenticated user is able to obtain certain information about system configuration and internal state which is only intended for administrators of the system."}], "id": "CVE-2025-27369", "lastModified": "2025-07-08T19:15:41.333", "metrics": {"cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 4.3, "baseSeverity": "MEDIUM", "confidentialityImpact": "LOW", "integrityImpact": "NONE", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N", "version": "3.1"}, "exploitabilityScore": 2.8, "impactScore": 1.4, "source": "[email protected]", "type": "Primary"}]}, "published": "2025-07-08T19:15:41.333", "references": [{"source": "[email protected]", "url": "https://www.ibm.com/support/pages/node/7239155"}], "sourceIdentifier": "[email protected]", "vulnStatus": "Received", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-497"}], "source": "[email protected]", "type": "Primary"}]}

{}