CVE-2024-49782
EUVD-2025-462920.02.2025, 04:15
IBM OpenPages with Watson 8.3 and 9.0 could allow a remote attacker to spoof mail server identity when using SSL/TLS security. An attacker could exploit this vulnerability to gain access to sensitive information disclosed through email notifications generated by OpenPages or disrupt notification delivery.Enginsight
Affected Products (NVD)
| Vendor | Product | Version |
|---|---|---|
| ibm | openpages_with_watson | 8.3 ≤ 𝑥 < 8.3.0.3 |
| ibm | openpages_with_watson | 9.0 ≤ 𝑥 < 9.0.0.5 |
𝑥
= Vulnerable software versions
Common Weakness Enumeration
- CWE-297 - Improper Validation of Certificate with Host MismatchThe software communicates with a host that provides a certificate, but the software does not properly ensure that the certificate is actually associated with that host.
- CWE-295 - Improper Certificate ValidationThe software does not validate, or incorrectly validates, a certificate.