IBM OpenPages Web Cache Vulnerability Allowing Sensitive Information Exposure
Vulnerability
A vulnerability has been identified in IBM OpenPages versions 9.0 and 9.1 that allows web page content to be cached locally, where it could be read by another user on the system. The issue arises because some API responses use a caching directive that marks the content as stale but still allows it to be stored temporarily in browsers or intermediary caches. For responses that carry sensitive information, this could lead to unauthorized access.
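The following check is an added example, not IBM's code or part of the advisory: it classifies response headers by whether a cache may keep a copy. The advisory does not name the directive, so treating `no-cache` and `max-age=0` as the "stale but still storable" case (per RFC 9111) is an assumption, and the sample paths are hypothetical.

```python
"""Added example: classify Cache-Control values by whether a cache may store the response."""

def parse_cache_control(value):
    """Return {directive: argument-or-None} with lowercase directive names."""
    directives = {}
    for part in value.split(","):
        part = part.strip()
        if not part:
            continue
        name, _, arg = part.partition("=")
        directives[name.strip().lower()] = arg.strip().strip('"') or None
    return directives

def storage_verdict(headers):
    """Classify a response's headers (dict, any key case) for cache storage risk.

    Returns one of:
      "not-stored"         - no-store present: caches must not keep a copy
      "stored-revalidated" - no-cache / max-age=0: copy is kept, reuse needs revalidation
      "stored"             - explicitly or heuristically cacheable
    """
    lowered = {k.lower(): v for k, v in headers.items()}
    cc = parse_cache_control(lowered.get("cache-control", ""))
    if "no-store" in cc:
        return "not-stored"
    if "no-cache" in cc or cc.get("max-age") == "0":
        return "stored-revalidated"
    return "stored"

def audit(responses):
    """Return paths of responses whose body could remain in a cache."""
    return [path for path, headers in responses if storage_verdict(headers) != "not-stored"]

# Constructed sample responses; the paths are hypothetical, not OpenPages endpoints.
SAMPLE = [
    ("/api/example/records", {"Cache-Control": "no-cache"}),
    ("/api/example/profile", {"cache-control": "private, max-age=0, must-revalidate"}),
    ("/api/example/report", {"Cache-Control": "no-store"}),
    ("/static/app.js", {"Cache-Control": "public, max-age=86400"}),
    ("/api/example/legacy", {"Pragma": "no-cache"}),
]

if __name__ == "__main__":
    for path, headers in SAMPLE:
        print(f"{path:24} {storage_verdict(headers)}")
    print("review:", audit(SAMPLE))
```

Only `no-store` yields "not-stored"; a response marked `private` is still kept in the local browser cache, which is the shared-workstation exposure the advisory describes.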
Impact
Exploitation of this vulnerability could result in the unauthorized exposure of sensitive information through cached web pages.
Remediation
Users of IBM OpenPages 9.1.1 can download the update from the IBM Support page. For IBM OpenPages 9.0, users should apply FixPack 5 (9.0.0.5) followed by Interim Fix 5 (9.0.0.5.5). Download links for these versions are available on the IBM Support website.
