Description
IBM watsonx.data intelligence 5.2.0, 5.2.1, 5.2.2, 5.3.0 is vulnerable to server-side request forgery (SSRF). This may allow an authenticated attacker to send unauthorized requests from the system, potentially leading to network enumeration or facilitating other attacks.
Published: 2026-06-30
Score: 4.3 Medium
EPSS: n/a
KEV: No
Impact: n/a
Action: n/a
AI Analysis

Impact

This vulnerability is a server‑side request forgery (SSRF) that exists in IBM watsonx.data intelligence releases 5.2.0 through 5.3.0. An authenticated attacker can leverage the flaw to cause the system to make arbitrary HTTP requests to internal or external hosts. The resulting unauthorized traffic may enable network enumeration, data exfiltration, or the execution of further attacks against internal services. The weakness is formally categorized under CWE‑918.

Affected Systems

IBM watsonx.data intelligence versions 5.2.0, 5.2.1, 5.2.2, and 5.3.0 are affected. No other versions are reported as vulnerable. Users should verify the exact version installed to ascertain exposure.

Risk and Exploitability

The CVSS score for this issue is 4.3, indicating moderate severity. The EPSS score is not available, and the vulnerability is not listed in the CISA KEV catalog. Because the flaw requires authentication, an attacker would need valid credentials, but the SSRF can be leveraged to reach internal network resources. Overall, the risk is limited if the system is properly isolated, yet the vulnerability permits potentially wide-reaching impact once authenticated.

Generated by OpenCVE AI on June 30, 2026 at 22:52 UTC.

Remediation

Vendor Solution

Affected product: IBM watsonx.data intelligence 5.2.0 - 5.3.0
Fixed in release: 5.3.1
Instructions: https://www.ibm.com/docs/en/watsonx/wdi/2.3.x?topic=new-watsonxdata-intelligence

IBM strongly advises upgrading as soon as possible.


OpenCVE Recommended Actions

  • Upgrade IBM watsonx.data intelligence to version 5.3.1 or later, following IBM’s official release instructions. This patch eliminates the SSRF flaw.
  • Restrict access to the components that interact with external networks, ensuring that only trusted roles can trigger external requests.
  • Monitor outbound network traffic from the application for unexpected or unauthorized destinations, and alert on suspicious patterns.

Generated by OpenCVE AI on June 30, 2026 at 22:52 UTC.

Advisories

No advisories yet.

History

Tue, 30 Jun 2026 21:00:00 +0000

Type | Values Removed | Values Added
Description | | IBM watsonx.data intelligence 5.2.0, 5.2.1, 5.2.2, 5.3.0 is vulnerable to server-side request forgery (SSRF). This may allow an authenticated attacker to send unauthorized requests from the system, potentially leading to network enumeration or facilitating other attacks.
Title | | Vulnerabilities found in Watson Data Intelligence
First Time appeared | | Ibm; Ibm watsonxdata Intelligence
Weaknesses | | CWE-918
CPEs | | cpe:2.3:a:ibm:watsonxdata_intelligence:5.2.0:*:*:*:*:*:*:*
Vendors & Products | | Ibm; Ibm watsonxdata Intelligence
References | |
Metrics | | cvssV3_1: {'score': 4.3, 'vector': 'CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N'}


MITRE

Status: PUBLISHED

Assigner: ibm

Published:

Updated: 2026-06-30T20:18:12.358Z

Reserved: 2025-04-15T21:16:51.462Z

Link: CVE-2025-36324

Vulnrichment

No data.

NVD

No data.

Redhat

No data.

OpenCVE Enrichment

Updated: 2026-06-30T23:00:12Z

Weaknesses
  • CWE-918

    Server-Side Request Forgery (SSRF)