Published
2025-08-30
·
Updated
2025-08-30
·
CVE-2025-0165
7.6
High
| Base vector | Vector | AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:L/A:L |
Name of the Vulnerable Software and Affected Versions:
IBM watsonx Orchestrate Cartridge for IBM Cloud Pak for Data versions 4.8.4 through 4.8.5
IBM watsonx Orchestrate Cartridge for IBM Cloud Pak for Data versions 5.0.0 through 5.2.0
Description:
IBM watsonx Orchestrate Cartridge for IBM Cloud Pak for Data is susceptible to SQL injection. A remote attacker could potentially send crafted SQL statements to view, add, modify, or delete information within the back-end database.
Recommendations:
IBM watsonx Orchestrate Cartridge for IBM Cloud Pak for Data version 4.8.4: At the moment, there is no information about a newer version that contains a fix for this vulnerability.
IBM watsonx Orchestrate Cartridge for IBM Cloud Pak for Data version 4.8.5: At the moment, there is no information about a newer version that contains a fix for this vulnerability.
IBM watsonx Orchestrate Cartridge for IBM Cloud Pak for Data versions 5.0.0 through 5.2.0: At the moment, there is no information about a newer version that contains a fix for this vulnerability.
SQL injection