CVE-2025-27367 | THREATINT

Description

IBM OpenPages with Watson 8.3 and 9.0 is vulnerable to improper input validation due to bypassing of client-side validation for the data types and requiredness of fields for GRC Objects when an authenticated user sends a specially crafted payload to the server allowing for data to be saved without storing the required fields.

PUBLISHED Reserved 2025-02-22 | Published 2025-07-08 | Updated 2025-08-24 | Assigner ibm

MEDIUM: 5.3CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:N/I:H/A:N

Problem types

CWE-602 Client-Side Enforcement of Server-Side Security

Product status

Default status

unaffected

8.3

affected

9.0

affected

References

www.ibm.com/support/pages/node/7239155 vendor-advisory patch

cve.org (CVE-2025-27367)

nvd.nist.gov (CVE-2025-27367)

Download JSON