Primary

Context

IBM OpenPages Information Disclosure Vulnerability

Vulnerability

An information disclosure vulnerability has been identified in IBM OpenPages versions 9.0 and 9.1. This issue arises from inadequate security measures on certain REST endpoints utilized by the OpenPages user interface. As a result, an authenticated user can access sensitive system metadata beyond their authorized view.

Impact

Exploitation of this vulnerability allows authenticated users to access sensitive system metadata for areas they are not authorized to view.

Remediation

Users of IBM OpenPages 9.1.1 can download the latest version from the IBM OpenPages Version 9.1.1 Download page. For IBM OpenPages 9.0, users should apply FixPack 5 (9.0.0.5) followed by Interim Fix 7 (9.0.0.5.7). Both versions can be downloaded from the IBM OpenPages Support page.

Added: Nov 12, 2025, 8:23 PM

Updated: Nov 12, 2025, 8:23 PM

Vulnerability Rating

Custom Algorithm

spread

0.0

impact

0.6

exploitability

5.2

remediation

7.7

relevance

1.0

threat

0.0

urgency

2.9

incentive

1.7

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Vulnerability Rating

Custom Algorithm

spread

0.0

impact

0.6

exploitability

5.2

remediation

7.7

relevance

1.0

threat

0.0

urgency

2.9

incentive

1.7

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

IBM OpenPages Information Disclosure Vulnerability

Vulnerability

Impact

Remediation

Affected Products

CVSS Scores

References

Vulnerability Rating

Vulnerability Rating