CVE-2024-49783
BaseFortify
Publication date: 2025-07-08
Last updated on: 2025-07-14
Assigner: IBM Corporation
Description
Description
CVSS Scores
EPSS Scores
| Probability: | |
| Percentile: |
Meta Information
Affected Vendors & Products
| Vendor | Product | Version / Range |
|---|---|---|
| linux | linux_kernel | From 5.15.160 (inc) to 5.16 (inc) |
| ibm | openpages_with_watson | From 8.3 (inc) to 8.3.0.3.1 (exc) |
| ibm | openpages_with_watson | From 9.0 (inc) to 9.0.0.5 (exc) |
| microsoft | windows | * |
Helpful Resources
Exploitability
| CWE ID | Description |
|---|---|
| CWE-329 | The product generates and uses a predictable initialization Vector (IV) with Cipher Block Chaining (CBC) Mode, which causes algorithms to be susceptible to dictionary attacks when they are encrypted under the same key. |
Attack-Flow Graph
AI Powered Q&A
Can you explain this vulnerability to me?
This vulnerability in IBM OpenPages with Watson versions 8.3 and 9.0 involves weaker than expected security in the storage of encrypted data. An authenticated remote attacker with database access or a local attacker with access to server files could exploit this weakness by using additional cryptographic methods to potentially extract the encrypted data.
How can this vulnerability impact me? :
If exploited, this vulnerability could allow attackers to extract sensitive encrypted data from the system, potentially leading to data breaches and exposure of confidential information.