← Back to CVEs
CVE-2025-2670
MEDIUM4.3
Description
IBM OpenPages 9.0 is vulnerable to information disclosure of sensitive information due to a weaker than expected security for certain REST end points related to workflow feature of OpenPages. An authenticated user is able to obtain certain information about Workflow related configuration and internal state.
CVE Details
CVSS v3.1 Score4.3
SeverityMEDIUM
CVSS VectorCVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N
Attack VectorNETWORK
ComplexityLOW
Privileges RequiredLOW
User InteractionNONE
Published7/9/2025
Last Modified8/14/2025
Sourcenvd
Honeypot Sightings0
Affected Products
ibm:openpages
Weaknesses (CWE)
CWE-497
References
https://www.ibm.com/support/pages/node/7239153(psirt@us.ibm.com)
IOC Correlations
No correlations recorded
This product uses data from the NVD API but is not endorsed or certified by the NVD.