Vulnerability Description
IBM OpenPages with Watson 8.3 and 9.0 IBM OpenPages could allow a remote attacker to bypass security restrictions, caused by improper validation and management of authentication cookies. By modifying the CSRF token and Session Id cookie parameters using the cookies of another user, a remote attacker could exploit this vulnerability to bypass security restrictions and gain unauthorized access to the vulnerable application.
CVSS Score
MEDIUM
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Ibm | Openpages With Watson | >= 8.3, < 8.3.0.3 |
| Linux | Linux Kernel | - |
| Microsoft | Windows | - |
Related Weaknesses (CWE)
References
- https://www.ibm.com/support/pages/node/7183541Vendor Advisory
FAQ
What is CVE-2024-49779?
CVE-2024-49779 is a vulnerability with a CVSS score of 4.3 (MEDIUM). IBM OpenPages with Watson 8.3 and 9.0 IBM OpenPages could allow a remote attacker to bypass security restrictions, caused by improper validation and management of authentication cookies. By modifyin...
How severe is CVE-2024-49779?
CVE-2024-49779 has been rated MEDIUM with a CVSS base score of 4.3/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2024-49779?
Check the references section above for vendor advisories and patch information. Affected products include: Ibm Openpages With Watson, Linux Linux Kernel, Microsoft Windows.