Back to overview

CVE-2025-36336

MEDIUM
5.9
CVSS 3.1
Description
IBM watsonx.data intelligence 5.2.0, 5.2.1, 5.2.2, 5.3.0 transmits data in clear text that could allow an attacker to obtain sensitive information using man in the middle techniques.

Metadata

CVE ID
CVE-2025-36336
State
PUBLISHED
Assigner
ibm
Reserved
2025-04-15 21:16 UTC
Published
2026-06-30 20:12 UTC
Last updated
2026-07-01 14:00 UTC
Primary CWE
CWE-319
CWE-319 Cleartext Transmission of Sensitive Information
Vendor / Product
IBM / watsonx.data intelligence
Sources
cve.org  ·  NVD

Severity & Metrics

5.9 MEDIUM CVSS 3.1
CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N
SSVC — CISA Coordinator
Exploitation
none
Automatable
no
Tech. Impact
partial
Affected products (1)
VendorProductPlatformVersions
IBM watsonx.data intelligence 5.2.0, 5.2.1, 5.2.2, 5.3.0
Weakness (CWE)
CWESourceDescription
CWE-319 cna CWE-319 Cleartext Transmission of Sensitive Information
CVSS scores (1)
ScoreSeverityVersionSourceVector
5.9 MEDIUM 3.1 cna CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N
Back to overview