Ibm Cloud_pak_for_data

15 CVEs affecting Ibm Cloud_pak_for_data. Latest disclosed: 2026-06-22. Critical: 0, High: 2.

Top CVEs affecting Ibm Cloud_pak_for_data
CVESeverityScorePublishedSummary
CVE-2023-42005High7.42024-05-29IBM Db2 on Cloud Pak for Data and Db2 Warehouse on Cloud Pak for Data 3.5, 4.0, 4.5, 4.6, 4.7, and 4.8 could allow a user with access to the Kubernetes pod, to…
CVE-2022-36769High7.22023-04-26 IBM Cloud Pak for Data 4.5 and 4.6 could allow a privileged user to upload malicious files of dangerous types that can be automatically processed within the p…
CVE-2024-54178Medium6.52026-06-22IBM Db2 on Cloud Pak for Data and Db2 Warehouse on Cloud Pak for Data versions 4.8,5.0,5.1,5.2,5.3 could allow an authenticated user to cause a denial of servi…
CVE-2023-26023Medium6.52023-07-19Planning Analytics Cartridge for Cloud Pak for Data 4.0 exposes sensitive information in logs which could lead an attacker to exploit this vulnerability to con…
CVE-2022-22353Medium6.52022-03-14IBM Big SQL on IBM Cloud Pak for Data 7.1.0, 7.1.1, 7.2.0, and 7.2.3 could allow an authenticated user with appropriate permissions to obtain sensitive informa…
CVE-2021-20486Medium6.52021-05-26IBM Cloud Pak for Data 3.0 could allow an authenticated user to obtain sensitive information when installed with additional plugins. IBM X-Force ID: 197668.
CVE-2025-0719Medium6.12025-02-26IBM Cloud Pak for Data 4.0.0 through 4.8.5 and 5.0.0 is vulnerable to cross-site scripting. This vulnerability allows an unauthenticated attacker to embed arbi…
CVE-2025-2669Medium6.02026-06-22IBM Db2 on Cloud Pak for Data and Db2 Warehouse on Cloud Pak for Data versions 4.8, 5.0, 5.1, 5.2, 5.3 could allow a privileged user to perform operations and…
CVE-2023-27540Medium5.92023-07-10IBM Watson CP4D Data Stores 4.6.0 does not properly allocate resources without limits or throttling which could allow a remote attacker with information specif…
CVE-2023-33854Medium5.32026-06-22IBM Db2 on Cloud Pak for Data and Db2 Warehouse on Cloud Pak for Data versions 4.8, 5.0, 5.1, 5.2, and 5.3 could allow an authenticated user to bypass client-s…
CVE-2023-27877Medium5.32023-07-19IBM Planning Analytics Cartridge for Cloud Pak for Data 4.0 connects to a CouchDB server. An attacker can exploit an insecure password policy to the CouchDB se…
CVE-2023-26026Medium5.32023-07-19Planning Analytics Cartridge for Cloud Pak for Data 4.0 exposes sensitive information in logs which could lead an attacker to exploit this vulnerability to con…
CVE-2022-38714Medium4.92024-02-12IBM DataStage on Cloud Pak for Data 4.0.6 to 4.5.2 stores sensitive credential information that can be read by a privileged user. IBM X-Force ID: 235060.
CVE-2021-38899Medium4.42021-09-20IBM Cloud Pak for Data 2.5 could allow a local user with special privileges to obtain highly sensitive information. IBM X-Force ID: 209575.
CVE-2023-27545Medium4.02024-02-29IBM Watson CloudPak for Data Data Stores information disclosure 4.6.0 allows web pages to be stored locally which can be read by another user on the system. I…