What is CVE-2025-2669?

CVE-2025-2669 is a medium-severity vulnerability in Ibm Db2 On Cloud Pak For Data And Warehouse, classified under Improper Certificate Validation. CVSS score: 6.0/10. Published 2026-06-22.

How severe is CVE-2025-2669?

Medium severity. CVSS v3 base score is 6.0 out of 10.

Vulnerability in Ibm Db2 On Cloud Pak For Data And Warehouse

CVE-2025-2669

IBM Db2 on Cloud Pak for Data and Db2 Warehouse on Cloud Pak for Data versions 4.8, 5.0, 5.1, 5.2, 5.3 could allow a privileged user to perform operations and obtain sensitive information outside of their authority due to improper token va…

Vulnerability class: Improper Certificate Validation

CVSS v3 metric

CVSS v3 base score 6.0 (Medium). Vector: CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:L/I:H/A:L.

Affected products

Ibm Db2 On Cloud Pak For Data And Warehouse — versions 4.8.0, 5.0.0

Weakness classification (CWE)

CWE-295 — Improper Certificate Validation

References

psirt@us.ibm.com (vendor-advisory, patch)

Frequently asked questions

What is CVE-2025-2669?: CVE-2025-2669 is a medium-severity vulnerability in Ibm Db2 On Cloud Pak For Data And Warehouse, classified under Improper Certificate Validation. CVSS score: 6.0/10. Published 2026-06-22.
How severe is CVE-2025-2669?: Medium severity. CVSS v3 base score is 6.0 out of 10.