Vulnerability Description
IBM OpenPages with Watson 8.3 and 9.0 could allow remote attacker to bypass security restrictions, caused by insufficient authorization checks. By authenticating as an OpenPages user and using non-public APIs, an attacker could exploit this vulnerability to bypass security and gain unauthorized administrative access to the application. IBM X-Force ID: 264005.
CVSS Score
HIGH
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Ibm | Openpages With Watson | >= 8.3, < 8.3.0.2.7 |
| Linux | Linux Kernel | - |
| Microsoft | Windows | - |
Related Weaknesses (CWE)
References
- https://exchange.xforce.ibmcloud.com/vulnerabilities/264005VDB EntryVendor Advisory
- https://www.ibm.com/support/pages/node/7107774PatchVendor Advisory
- https://exchange.xforce.ibmcloud.com/vulnerabilities/264005VDB EntryVendor Advisory
- https://www.ibm.com/support/pages/node/7107774PatchVendor Advisory
FAQ
What is CVE-2023-40683?
CVE-2023-40683 is a vulnerability with a CVSS score of 8.8 (HIGH). IBM OpenPages with Watson 8.3 and 9.0 could allow remote attacker to bypass security restrictions, caused by insufficient authorization checks. By authenticating as an OpenPages user and using non-pub...
How severe is CVE-2023-40683?
CVE-2023-40683 has been rated HIGH with a CVSS base score of 8.8/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2023-40683?
Check the references section above for vendor advisories and patch information. Affected products include: Ibm Openpages With Watson, Linux Linux Kernel, Microsoft Windows.