IBM OpenPages with Watson 8.3/9.0 Weak Encrypted Data Storage
CVE-2024-49783 Published on July 8, 2025
IBM OpenPages with Watson information disclosure
IBM OpenPages with Watson 8.3 and 9.0
could provide weaker than expected security in storage of encrypted data. If an authenticated remote attacker with access to the database or a local attacker with access to server files could extract the encrypted data, they could exploit this vulnerability to use additional cryptographic methods to possibly extract the encrypted data.
Vulnerability Analysis
CVE-2024-49783 can be exploited with network access, and requires small amount of user privileges. This vulnerability is consided to have a high level of attack complexity. The potential impact of an exploit of this vulnerability is considered to have a high impact on confidentiality, with no impact on integrity and availability.
Weakness Type
Not Using an Unpredictable IV with CBC Mode
Not using an unpredictable initialization Vector (IV) with Cipher Block Chaining (CBC) Mode causes algorithms to be susceptible to dictionary attacks when they are encrypted under the same key.
Products Associated with CVE-2024-49783
Want to know whenever a new CVE is published for IBM Openpages With Watson? stack.watch will email you.
Affected Versions
IBM OpenPages with Watson:- Version 8.3 is affected.
- Version 9.0 is affected.
Exploit Probability
EPSS (Exploit Prediction Scoring System) scores estimate the probability that a vulnerability will be exploited in the wild within the next 30 days. The percentile shows you how this score compares to all other vulnerabilities.