CVE-2024-43196

IBM OpenPages with Watson 8.3 and 9.0 application could allow an authenticated user to manipulate data in the Questionnaires application allowing the user to spoof other users' responses.

CVSS v3 4.3 MEDIUM

4.3^/10

CVSS v3 : MEDIUM

Vector :

Exploitability : 2.8 / Impact : 1.4

Attack Vector NETWORK

Attack Complexity LOW

Privileges Required LOW

User Interaction NONE

Confidentiality Impact NONE

Integrity Impact LOW

Availability Impact NONE

Scope UNCHANGED

References

Link	Resource
https://www.ibm.com/support/pages/node/7183541	Vendor Advisory

Configurations

Configuration 1 (hide)

AND

OR	cpe:2.3:a:ibm:openpages_with_watson::::::::
	cpe:2.3:a:ibm:openpages_with_watson::::::::

OR	cpe:2.3:o:linux:linux_kernel:-:::::::*
	cpe:2.3:o:microsoft:windows:-:::::::*

History

No history.

Information

Published : 2025-02-20 04:15

Updated : 2025-03-11 14:57

NVD link : CVE-2024-43196

Mitre link : CVE-2024-43196

CVE.ORG link : CVE-2024-43196

JSON object : View

Products Affected

microsoft

windows

ibm

openpages_with_watson

linux

linux_kernel

CWE

CWE-296

Improper Following of a Certificate's Chain of Trust

NVD-CWE-noinfo

{"id": "CVE-2024-43196", "cveTags": [], "metrics": {"cvssMetricV31": [{"type": "Secondary", "source": "[email protected]", "cvssData": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 4.3, "attackVector": "NETWORK", "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N", "integrityImpact": "LOW", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "NONE", "privilegesRequired": "LOW", "confidentialityImpact": "NONE"}, "impactScore": 1.4, "exploitabilityScore": 2.8}]}, "published": "2025-02-20T04:15:09.630", "references": [{"url": "https://www.ibm.com/support/pages/node/7183541", "tags": ["Vendor Advisory"], "source": "[email protected]"}], "vulnStatus": "Analyzed", "weaknesses": [{"type": "Secondary", "source": "[email protected]", "description": [{"lang": "en", "value": "CWE-296"}]}, {"type": "Secondary", "source": "[email protected]", "description": [{"lang": "en", "value": "NVD-CWE-noinfo"}]}], "descriptions": [{"lang": "en", "value": "IBM OpenPages with Watson 8.3 and 9.0\u00a0\n\napplication could allow an authenticated user to manipulate data in the Questionnaires application allowing the user to spoof other users' responses."}, {"lang": "es", "value": "La aplicaci\u00f3n IBM OpenPages con Watson 8.3 y 9.0 podr\u00eda permitir que un usuario autenticado manipule datos en la aplicaci\u00f3n Questionnaires, lo que le permitir\u00eda falsificar las respuestas de otros usuarios."}], "lastModified": "2025-03-11T14:57:13.920", "configurations": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:a:ibm:openpages_with_watson:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "2F71A33D-AF4E-4480-A4C2-2C73DBA1B967", "versionEndExcluding": "8.3.0.3", "versionStartIncluding": "8.3"}, {"criteria": "cpe:2.3:a:ibm:openpages_with_watson:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "C36C16B7-9740-4060-BCF4-3270CE3176B1", "versionEndExcluding": "9.0.0.5", "versionStartIncluding": "9.0"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "703AF700-7A70-47E2-BC3A-7FD03B3CA9C1"}, {"criteria": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "A2572D17-1DE6-457B-99CC-64AFD54487EA"}], "operator": "OR"}], "operator": "AND"}], "sourceIdentifier": "[email protected]"}