CVE-2024-49355
20.02.2025, 04:15
IBM OpenPages with Watson 8.3 and 9.0may write improperly neutralized data to server log files when the tracing is enabled per the System Tracing feature.Enginsight
| Vendor | Product | Version |
|---|---|---|
| ibm | openpages_with_watson | 8.3 ≤ 𝑥 < 8.3.0.3 |
| ibm | openpages_with_watson | 9.0 ≤ 𝑥 < 9.0.0.5 |
𝑥
= Vulnerable software versions
Common Weakness Enumeration
- CWE-117 - Improper Output Neutralization for LogsThe software does not neutralize or incorrectly neutralizes output that is written to logs.
- CWE-116 - Improper Encoding or Escaping of OutputThe software prepares a structured message for communication with another component, but encoding or escaping of the data is either missing or done incorrectly. As a result, the intended structure of the message is not preserved.