Critical Vulnerability Information Vulnerability Overview CVE ID: CVE-2023-40683 Description: Insufficient authorization checks on API requests in IBM OpenPages allow remote attackers to exploit authorized users, bypassing security restrictions via non-public APIs, and thereby gaining unauthorized administrative access to the application. CVSS Score: - Base Score: 8.8 - CVSS Vector: Affected Products and Versions Remediation IBM OpenPages with Watson 8.3 - Download and install fix pack : Download Link - Download and install interim fix : Download Link IBM OpenPages 9.0 - Download and install fix pack : Download Link Workarounds and Mitigations No additional mitigation measures specified. It is recommended to upgrade to supported versions or . References CVSS v3 Complete Guide CVSS v3 Online Calculator