CVE-2025-13689

Published: Feb 17, 2026Modified: Feb 20, 2026

8.8

Vector

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Exploitability: 2.8 / Impact: 5.9

Source: psirt@us.ibm.com

Description

IBM DataStage on Cloud Pak for Data could allow an authenticated user to execute arbitrary commands and gain access to sensitive information due to unrestricted file uploads.

Affected (1)

Products: Ibm: Datastage On Cloud Pak For Data

Ibm

1 product

Datastage On Cloud Pak For Data

Configuration A

1 vulnerable

Vulnerable Software	Affected Versions
Ibm Datastage On Cloud Pak For Data	From 5.1.2 to 5.3.1

Related CWEs

CWE-434

Unrestricted Upload of File with Dangerous Type

The product allows the upload or transfer of dangerous file types that are automatically processed within its environment.

References (1)

https://www.ibm.com/support/pages/node/7259958

Source: psirt@us.ibm.com

Vendor Advisory

Timeline

No history available yet.