CVE-2024-22341

Published: Feb 22, 2025Modified: Sep 29, 2025

7.5

Vector

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

Exploitability: 3.9 / Impact: 3.6

Source: NVD

Description

IBM Watson Query on Cloud Pak for Data 4.0.0 through 4.0.9, 4.5.0 through 4.5.3, 4.6.0 through 4.6.6, 4.7.0 through 4.7.4, and 4.8.0 through 4.8.7 could allow unauthorized data access from a remote data source object due to improper privilege management.

Affected (5)

Products: Ibm: Watson Query With Cloud Pak For Data

Ibm

1 product

Watson Query With Cloud Pak For Data

Configuration A

5 vulnerable

Vulnerable Software	Affected Versions
Ibm Watson Query With Cloud Pak For Data	From 4.0 to 4.0.9
Ibm Watson Query With Cloud Pak For Data	From 4.5 to 4.5.3
Ibm Watson Query With Cloud Pak For Data	From 4.6 to 4.6.6
Ibm Watson Query With Cloud Pak For Data	From 4.7 to 4.7.4
Ibm Watson Query With Cloud Pak For Data	From 4.8 to 4.8.7

Related CWEs

CWE-73

External Control of File Name or Path

The product allows user input to control or influence paths or file names that are used in filesystem operations.

References (1)

https://www.ibm.com/support/pages/node/7183851

Source: psirt@us.ibm.com

Vendor Advisory

Timeline

No history available yet.