CVE-2024-49782

HIGH Year: 2024
CVSS v3 Score
8.2
High
Weakness Type
CWE-297
View all →

Vulnerability Description

IBM OpenPages with Watson 8.3 and 9.0 could allow a remote attacker to spoof mail server identity when using SSL/TLS security. An attacker could exploit this vulnerability to gain access to sensitive information disclosed through email notifications generated by OpenPages or disrupt notification delivery.

Related Vulnerabilities

CVE-2025-3501

HIGH
CVSS:8.2(High)

A flaw was found in Keycloak. By setting a verification policy to 'ALL', the trust store certificate verification is skipped, which is unintended.

CWE-2972025

CVE-2018-10936

HIGH
CVSS:8.1(High)

A weakness was found in postgresql-jdbc before version 42.2.5. It was possible to provide an SSL Factory and not check the host name if a host name verifier was not provided to the driver. This could ...

CWE-2972018

CVE-2020-11050

HIGH
CVSS:8.1(High)

In Java-WebSocket less than or equal to 1.4.1, there is an Improper Validation of Certificate with Host Mismatch where WebSocketClient does not perform SSL hostname validation. This has been patched i...

CWE-2972020

CVE-2022-32153

HIGH
CVSS:8.1(High)

Splunk Enterprise peers in Splunk Enterprise versions before 9.0 and Splunk Cloud Platform versions before 8.2.2203 did not validate the TLS certificates during Splunk-to-Splunk communications by defa...

CWE-2972022

CVE-2023-34143

HIGH
CVSS:8.1(High)

Improper Validation of Certificate with Host Mismatch vulnerability in Hitachi Device Manager on Windows, Linux (Device Manager Server, Device Manager Agent, Host Data Collector components) allows Man...

CWE-2972023

CVE-2024-32868

HIGH
CVSS:8.1(High)

ZITADEL provides users the possibility to use Time-based One-Time-Password (TOTP) and One-Time-Password (OTP) through SMS and Email. While ZITADEL already gives administrators the option to define a `...

CWE-2972024