本頁列出影響 ibm watsonx.data_intelligence 的已公開 CVE 漏洞(透過 NVD CPE 關聯)。每列包含嚴重程度評分、摘要與發布日期,便於識別與分析安全議題。
| CVE | 摘要 | 來源 | 最高 CVSS | EPSS % | 公開時間 | 更新時間 |
|---|---|---|---|---|---|---|
| CVE-2025-36336 | IBM watsonx.data intelligence 5.2.0, 5.2.1, 5.2.2, 5.3.0 transmits data in clear text that could allow an attacker to obtain sensitive information using man in the middle techniques. | [email protected] | 5.9 | 0.20% | 2026-06-30 | 2026-07-06 |
| CVE-2025-36333 | IBM watsonx.data intelligence 5.2.0, 5.2.1, 5.2.2, 5.3.0 could allow an authenticated user to perform unauthorized actions due to the improper enforcement of behavioral workflow. | [email protected] | 4.3 | 0.28% | 2026-06-30 | 2026-07-06 |
| CVE-2025-36328 | IBM watsonx.data intelligence 5.2.0, 5.2.1, 5.2.2, 5.3.0 could allow a remote attacker to obtain sensitive information when a detailed technical error message is returned in the browser. This information could be used in further attacks against the system. | [email protected] | 4.3 | 0.36% | 2026-06-30 | 2026-07-06 |
| CVE-2025-36327 | IBM watsonx.data intelligence 5.2.0, 5.2.1, 5.2.2, 5.3.0 could allow an authenticated user to bypass security controls and perform unauthorized actions due to client-side enforcement of sever-side security. | [email protected] | 6.5 | 0.38% | 2026-06-30 | 2026-07-06 |
| CVE-2025-36324 | IBM watsonx.data intelligence 5.2.0, 5.2.1, 5.2.2, 5.3.0 s vulnerable to server-side request forgery (SSRF). This may allow an authenticated attacker to send unauthorized requests from the system, potentially leading to network enumeration or facilitating other attacks. | [email protected] | 4.3 | 0.27% | 2026-06-30 | 2026-07-06 |
| CVE-2025-36323 | IBM watsonx.data intelligence 5.2.0, 5.2.1, 5.2.2, 5.3.0 is vulnerable to cross-site scripting. This vulnerability allows an authenticated user to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. | [email protected] | 5.4 | 0.23% | 2026-06-30 | 2026-07-06 |
| CVE-2025-36321 | IBM watsonx.data intelligence 5.2.0, 5.2.1, 5.2.2, 5.3.0 is vulnerable to HTML injection. A remote attacker could inject malicious HTML code, which when viewed, would be executed in the victim's Web browser within the security context of the hosting site. | [email protected] | 5.7 | 0.40% | 2026-06-30 | 2026-07-06 |
| CVE-2025-36320 | IBM watsonx.data intelligence 5.2.0, 5.2.1, 5.2.2, 5.3.0 is vulnerable to stored cross-site scripting. This vulnerability allows an authenticated user to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. | [email protected] | 6.4 | 0.25% | 2026-06-30 | 2026-07-06 |
| CVE-2025-36319 | IBM watsonx.data intelligence 5.2.0, 5.2.1, 5.2.2, 5.3.0 could allow an authenticated user to cause a temporary denial using a specially crafted HTTP request due to improper allocation of resource throttling. | [email protected] | 4.3 | 0.42% | 2026-06-30 | 2026-07-06 |
| CVE-2025-12530 | IBM watsonx.data intelligence 5.2.2, 5.3.0, 5.3.1, 5.3.1 through patch-1 transmits data in clear text that could allow an attacker to obtain sensitive information using man in the middle techniques. | [email protected] | 5.9 | 0.20% | 2026-06-30 | 2026-07-06 |