CVE-2025-27369

MEDIUM

IBM OpenPages with Watson 8.3-9.0 - Info Disclosure

Title source: llm

Description

IBM OpenPages with Watson 8.3 and 9.0 is vulnerable to information disclosure of sensitive information due to a weaker than expected security for certain REST end points used for the administration of OpenPages. An authenticated user is able to obtain certain information about system configuration and internal state which is only intended for administrators of the system.

References (1)

[Vendor Advisory] https://www.ibm.com/support/pages/node/7239155

Scores

CVSS v3 4.3

EPSS 0.0006

EPSS Percentile 18.7%

Attack Vector NETWORK

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N

CISA SSVC

Vulnrichment

Exploitation none

Automatable no

Technical Impact partial

Details

CWE

CWE-497

Status published

Products (1)

ibm/openpages_with_watson 8.3 - 8.3.0.3.2

Published Jul 08, 2025

Tracked Since Feb 18, 2026