IBM watsonx.data intelligence 5.2.0, 5.2.1, 5.2.2, 5.3.0 could allow an authenticated user to perform unauthorized actions due to the improper enforcement of behavioral workflow.

Project Subscriptions

Vendors Products
Watsonxdata Intelligence Subscribe
Advisories

No advisories yet.

Fixes

Solution

Affected productFixed in releaseInstructionsIBM watsonx.data intelligence 5.2.0 - 5.3.05.3.1 https://www.ibm.com/docs/en/watsonx/wdi/2.3.x?topic=new-watsonxdata-intelligence IBM strongly advises upgrading as soon as possible


Workaround

No workaround given by the vendor.

History

Wed, 01 Jul 2026 14:30:00 +0000

Type Values Removed Values Added
Metrics ssvc

{'options': {'Automatable': 'no', 'Exploitation': 'none', 'Technical Impact': 'partial'}, 'version': '2.0.3'}


Tue, 30 Jun 2026 21:00:00 +0000

Type Values Removed Values Added
Description IBM watsonx.data intelligence 5.2.0, 5.2.1, 5.2.2, 5.3.0 could allow an authenticated user to perform unauthorized actions due to the improper enforcement of behavioral workflow.
Title Vulnerabilities found in Watson Data Intelligence
First Time appeared Ibm
Ibm watsonxdata Intelligence
Weaknesses CWE-841
CPEs cpe:2.3:a:ibm:watsonxdata_intelligence:5.2.0:*:*:*:*:*:*:*
Vendors & Products Ibm
Ibm watsonxdata Intelligence
References
Metrics cvssV3_1

{'score': 4.3, 'vector': 'CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N'}


Projects

Sign in to view the affected projects.

cve-icon MITRE

Status: PUBLISHED

Assigner: ibm

Published:

Updated: 2026-07-01T12:56:25.329Z

Reserved: 2025-04-15T21:16:52.390Z

Link: CVE-2025-36333

cve-icon Vulnrichment

Updated: 2026-07-01T12:56:22.022Z

cve-icon NVD

No data.

cve-icon Redhat

No data.

cve-icon OpenCVE Enrichment

Updated: 2026-07-01T04:15:16Z

Weaknesses