CVE-2025-36336

MEDIUM

Transmission of Sensitive Information found in Watson Data Intelligence

Title source: cna
STIX 2.1

Description

IBM watsonx.data intelligence 5.2.0, 5.2.1, 5.2.2, 5.3.0 transmits data in clear text that could allow an attacker to obtain sensitive information using man in the middle techniques.

References (1)

Core 1
Core References
Vendor Advisory vendor-advisory patch
https://www.ibm.com/support/pages/node/7277801

Scores

CVSS v3 5.9
EPSS 0.0020
EPSS Percentile 10.4%
Attack Vector NETWORK
CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N

CISA SSVC

Vulnrichment
Exploitation none
Automatable no
Technical Impact partial

Details

CWE
CWE-319
Status published
Products (2)
IBM/watsonx.data intelligence 5.2.0, 5.2.1, 5.2.2, 5.3.0
ibm/watsonx.data_intelligence
Published Jun 30, 2026
Tracked Since Jul 01, 2026