5.9

CVE-2025-12530

Vulnerabilities found in Watson Data Intelligence

IBM watsonx.data intelligence 5.2.2, 5.3.0, 5.3.1, 5.3.1 through patch-1 transmits data in clear text that could allow an attacker to obtain sensitive information using man in the middle techniques.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
IbmWatsonx.Data Intelligence Version-
   IbmSoftware Hub Version >= 5.2.2 < 5.3.1
   IbmSoftware Hub Version5.3.1 Update-
   IbmSoftware Hub Version5.3.1 Updatepatch1
Zu dieser CVE wurde keine Warnung gefunden.
EPSS Metriken
Typ Quelle Score Percentile
EPSS FIRST.org 0.2% 0.104
CVSS Metriken
Quelle Base Score Exploit Score Impact Score Vector String
psirt@us.ibm.com 5.9 2.2 3.6
CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N
CWE-319 Cleartext Transmission of Sensitive Information

The product transmits sensitive or security-critical data in cleartext in a communication channel that can be sniffed by unauthorized actors.

https://www.ibm.com/support/pages/node/7277802
Vendor Advisory