CVE-2024-35151
22.08.2024, 11:15
IBM OpenPages with Watson 8.3 and 9.0 could allow authenticated users access to sensitive information through improper authorization controls on APIs.Enginsight
| Vendor | Product | Version |
|---|---|---|
| ibm | openpages_grc_platform | 8.3 |
| ibm | openpages_with_watson | 9.0 |
𝑥
= Vulnerable software versions
Common Weakness Enumeration
- CWE-288 - Authentication Bypass Using an Alternate Path or ChannelA product requires authentication, but the product has an alternate path or channel that does not require authentication.
- CWE-306 - Missing Authentication for Critical FunctionThe product does not perform any authentication for functionality that requires a provable user identity or consumes a significant amount of resources.