Lucene search
K
IbmWatsonx.data Intelligence

10 matches found

CVE
CVE
added 2026/06/30 8:34 p.m.16 views

CVE-2025-12530

IBM watsonx.data intelligence CVE-2025-12530 affects 5.2.2, 5.3.0, 5.3.1, and 5.3.1 through patch-1, where data is transmitted in clear text, enabling potential MITM access to sensitive information. The connected sources provide the affected versions and the clear-text transmission root cause; no...

5.9CVSS5.8AI score0.00203EPSS
CVE
CVE
added 2026/06/30 8:17 p.m.16 views

CVE-2025-36327

CVE-2025-36327 affects IBM watsonx.data intelligence 5.2.0, 5.2.1, 5.2.2, and 5.3.0. An authenticated user can bypass security controls and perform unauthorized actions due to client-side enforcement of server-side security. The issue is described as a failure of client-side controls to enforce s...

6.5CVSS5.8AI score0.0036EPSS
CVE
CVE
added 2026/06/30 8:19 p.m.15 views

CVE-2025-36321

IBM watsonx.data intelligence versions 5.2.0, 5.2.1, 5.2.2, and 5.3.0 are vulnerable to HTML injection. A remote attacker could inject malicious HTML that executes in a victim’s browser within the hosting site’s security context. The sources provided confirm the vulnerability, but no remediation ...

5.7CVSS5.8AI score0.00407EPSS
CVE
CVE
added 2026/06/30 8:18 p.m.14 views

CVE-2025-36324

CVE-2025-36324 affects IBM watsonx.data intelligence versions 5.2.0, 5.2.1, 5.2.2, and 5.3.0. The issue is a server-side request forgery (SSRF) that could allow an authenticated attacker to make unauthorized requests from the system, potentially enabling network enumeration or facilitating other ...

4.3CVSS5.8AI score0.0027EPSS
CVE
CVE
added 2026/06/30 8:22 p.m.13 views

CVE-2025-36320

IBM watsonx.data intelligence (versions 5.2.0, 5.2.1, 5.2.2, 5.3.0) is described as vulnerable to stored cross-site scripting. The vulnerability allows an authenticated user to embed arbitrary JavaScript code in the Web UI, potentially altering functionality and leading to credentials disclosure ...

6.4CVSS5.5AI score0.00257EPSS
CVE
CVE
added 2026/06/30 8:12 p.m.13 views

CVE-2025-36336

CVE-2025-36336 affects IBM watsonx.data intelligence versions 5.2.0, 5.2.1, 5.2.2, and 5.3.0. The issue is that data is transmitted in clear text, which an attacker could exploit via man-in-the-middle techniques to obtain sensitive information. The base metrics show a moderate network attack with...

5.9CVSS5.8AI score0.00203EPSS
CVE
CVE
added 2026/06/30 8:19 p.m.12 views

CVE-2025-36323

IBM watsonx.data intelligence versions 5.2.0, 5.2.1, 5.2.2, and 5.3.0 are vulnerable to cross-site scripting. An authenticated user can embed arbitrary JavaScript in the Web UI, potentially altering functionality and leading to credentials disclosure within a trusted session. The reported CVSSv3....

5.4CVSS5.5AI score0.00231EPSS
CVE
CVE
added 2026/06/30 8:23 p.m.11 views

CVE-2025-36319

CVE-2025-36319 affects IBM watsonx.data intelligence versions 5.2.0, 5.2.1, 5.2.2, and 5.3.0. The issue allows an authenticated user to trigger a temporary denial of service via a specially crafted HTTP request caused by improper allocation of resource throttling. The connected data sources do no...

4.3CVSS5.8AI score0.00431EPSS
CVE
CVE
added 2026/06/30 8:16 p.m.11 views

CVE-2025-36328

IBM watsonx.data intelligence versions 5.2.0, 5.2.1, 5.2.2, and 5.3.0 are described as vulnerable to information disclosure via detailed technical error messages returned in the browser. The root cause is that error details may be exposed to remote attackers, enabling potential follow-on attacks....

4.3CVSS5.8AI score0.00367EPSS
CVE
CVE
added 2026/06/30 8:15 p.m.11 views

CVE-2025-36333

CVE-2025-36333 affects IBM watsonx.data intelligence versions 5.2.0, 5.2.1, 5.2.2, and 5.3.0. The authenticated user can perform unauthorized actions due to improper enforcement of the behavioral workflow. Root cause details are not specified in the provided documents. The entry lists a MEDIUM im...

4.3CVSS5.8AI score0.00283EPSS