Ibm Cloud_pak_for_data
15 CVEs affecting Ibm Cloud_pak_for_data. Latest disclosed: 2026-06-22. Critical: 0, High: 2.
| CVE | Severity | Score | Published | Summary |
|---|---|---|---|---|
CVE-2023-42005 | High | 7.4 | 2024-05-29 | IBM Db2 on Cloud Pak for Data and Db2 Warehouse on Cloud Pak for Data 3.5, 4.0, 4.5, 4.6, 4.7, and 4.8 could allow a user with access to the Kubernetes pod, to… |
CVE-2022-36769 | High | 7.2 | 2023-04-26 | IBM Cloud Pak for Data 4.5 and 4.6 could allow a privileged user to upload malicious files of dangerous types that can be automatically processed within the p… |
CVE-2024-54178 | Medium | 6.5 | 2026-06-22 | IBM Db2 on Cloud Pak for Data and Db2 Warehouse on Cloud Pak for Data versions 4.8,5.0,5.1,5.2,5.3 could allow an authenticated user to cause a denial of servi… |
CVE-2023-26023 | Medium | 6.5 | 2023-07-19 | Planning Analytics Cartridge for Cloud Pak for Data 4.0 exposes sensitive information in logs which could lead an attacker to exploit this vulnerability to con… |
CVE-2022-22353 | Medium | 6.5 | 2022-03-14 | IBM Big SQL on IBM Cloud Pak for Data 7.1.0, 7.1.1, 7.2.0, and 7.2.3 could allow an authenticated user with appropriate permissions to obtain sensitive informa… |
CVE-2021-20486 | Medium | 6.5 | 2021-05-26 | IBM Cloud Pak for Data 3.0 could allow an authenticated user to obtain sensitive information when installed with additional plugins. IBM X-Force ID: 197668. |
CVE-2025-0719 | Medium | 6.1 | 2025-02-26 | IBM Cloud Pak for Data 4.0.0 through 4.8.5 and 5.0.0 is vulnerable to cross-site scripting. This vulnerability allows an unauthenticated attacker to embed arbi… |
CVE-2025-2669 | Medium | 6.0 | 2026-06-22 | IBM Db2 on Cloud Pak for Data and Db2 Warehouse on Cloud Pak for Data versions 4.8, 5.0, 5.1, 5.2, 5.3 could allow a privileged user to perform operations and… |
CVE-2023-27540 | Medium | 5.9 | 2023-07-10 | IBM Watson CP4D Data Stores 4.6.0 does not properly allocate resources without limits or throttling which could allow a remote attacker with information specif… |
CVE-2023-33854 | Medium | 5.3 | 2026-06-22 | IBM Db2 on Cloud Pak for Data and Db2 Warehouse on Cloud Pak for Data versions 4.8, 5.0, 5.1, 5.2, and 5.3 could allow an authenticated user to bypass client-s… |
CVE-2023-27877 | Medium | 5.3 | 2023-07-19 | IBM Planning Analytics Cartridge for Cloud Pak for Data 4.0 connects to a CouchDB server. An attacker can exploit an insecure password policy to the CouchDB se… |
CVE-2023-26026 | Medium | 5.3 | 2023-07-19 | Planning Analytics Cartridge for Cloud Pak for Data 4.0 exposes sensitive information in logs which could lead an attacker to exploit this vulnerability to con… |
CVE-2022-38714 | Medium | 4.9 | 2024-02-12 | IBM DataStage on Cloud Pak for Data 4.0.6 to 4.5.2 stores sensitive credential information that can be read by a privileged user. IBM X-Force ID: 235060. |
CVE-2021-38899 | Medium | 4.4 | 2021-09-20 | IBM Cloud Pak for Data 2.5 could allow a local user with special privileges to obtain highly sensitive information. IBM X-Force ID: 209575. |
CVE-2023-27545 | Medium | 4.0 | 2024-02-29 | IBM Watson CloudPak for Data Data Stores information disclosure 4.6.0 allows web pages to be stored locally which can be read by another user on the system. I… |