Watson Knowledge Catalog CVEs and Security Vulnerabilities

Use the Query Builder to create your own search query, or check out the documentation to learn the search syntax.

CVEs in KEV CVEs with EPSS >= 80% Crit. Microsoft High Apache SQL Injection (CWE-89) Linux Kernel High (CVSS 3.1) Apache Struts RCE (Remote Code Execution) XSS (CWE-79) Critical (CVSS 4.0) CVEs to check

CVE	Vendors	Products	Updated	CVSS v3.1
CVE-2022-41731	2 Ibm, Redhat	2 Watson Knowledge Catalog On Cloud Pak For Data, Openshift	2025-03-25	8.6 High
IBM Watson Knowledge Catalog on Cloud Pak for Data 4.5.0 is vulnerable to SQL injection. A remote attacker could send specially crafted SQL statements, which could allow the attacker to view, add, modify or delete information in the back-end database. IBM X-Force ID: 237402.
CVE-2023-28958	1 Ibm	1 Watson Knowledge Catalog On Cloud Pak For Data	2024-11-21	7 High
IBM Watson Knowledge Catalog on Cloud Pak for Data 4.0 is potentially vulnerable to CSV Injection. A remote attacker could execute arbitrary commands on the system, caused by improper validation of csv file contents. IBM X-Force ID: 251782.
CVE-2023-28955	1 Ibm	1 Watson Knowledge Catalog On Cloud Pak For Data	2024-11-21	6.5 Medium
IBM Watson Knowledge Catalog on Cloud Pak for Data 4.0 could allow an authenticated user send a specially crafted request that could cause a denial of service. IBM X-Force ID: 251704.
CVE-2019-4220	1 Ibm	2 Infosphere Information Server On Cloud, Watson Knowledge Catalog	2024-11-21	5.5 Medium
IBM InfoSphere Information Server 11.7.1.0 stores a common hard coded encryption key that could be used to decrypt sensitive information. IBM X-Force ID: 159229.

Page 1 of 1.