Logo
-

Byte Open Security

(ByteOS Network)

Log In

Sign Up

ByteOS

Security
Vulnerability Details
Registries
Custom Views
Weaknesses
Attack Patterns
Filters & Tools
CVE Vulnerability Details :
CVE-2025-36145
PUBLISHED
More InfoOfficial Page
Assigner-ibm
Assigner Org ID-9a959283-ebb5-44b6-b705-dcc2bbced522
View Known Exploited Vulnerability (KEV) details
Published At-26 May, 2026 | 15:50
Updated At-26 May, 2026 | 17:42
Rejected At-
▼CVE Numbering Authority (CNA)
Multiple Vulnerabilities in watsonx.data

IBM watsonx.data 2.2 through 2.3.1 IBM Lakehouse does not properly restrict inbound and outbound connections which could allow an attacker to transfer or modify files without restrictions.

Affected Products
Vendor
IBM CorporationIBM
Product
watsonx.data
CPEs
  • cpe:2.3:a:ibm:watsonxdata:2.2:*:*:*:*:*:*:*
  • cpe:2.3:a:ibm:watsonxdata:2.2.0:*:*:*:*:*:*:*
  • cpe:2.3:a:ibm:watsonxdata:2.3.1:*:*:*:*:*:*:*
Versions
Affected
  • From 2.2.0 through 2.3.1 (semver)
Problem Types
TypeCWE IDDescription
CWECWE-923CWE-923 Improper Restriction of Communication Channel to Intended Endpoints
Type: CWE
CWE ID: CWE-923
Description: CWE-923 Improper Restriction of Communication Channel to Intended Endpoints
Metrics
VersionBase scoreBase severityVector
3.15.4MEDIUM
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N
Version: 3.1
Base score: 5.4
Base severity: MEDIUM
Vector:
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N
Metrics Other Info
Impacts
CAPEC IDDescription
Solutions

The product needs to be installed or upgraded to the latest available level watsonx.data 2.3.x or watsonx.data on CPD 5.3.x.  Installation/upgrade instructions can be found here: https://www.ibm.com/docs/en/software-hub/5.3.x?topic=watsonxdata-installing

Configurations
Workarounds
Exploits
Credits
Timeline
EventDate
Replaced By
Rejected Reason
References
HyperlinkResource
https://www.ibm.com/support/pages/node/7272498
vendor-advisory
patch
Hyperlink: https://www.ibm.com/support/pages/node/7272498
Resource:
vendor-advisory
patch
▼Authorized Data Publishers (ADP)
CISA ADP Vulnrichment
Affected Products
Metrics
VersionBase scoreBase severityVector
Metrics Other Info
Impacts
CAPEC IDDescription
Solutions
Configurations
Workarounds
Exploits
Credits
Timeline
EventDate
Replaced By
Rejected Reason
References
HyperlinkResource
Details not found