Primary

Context

IBM watsonx.data Inbound and Outbound Connection Restriction Vulnerability Allowing Unrestricted File Transfer or Modification

Vulnerability

Patched

A vulnerability exists in IBM watsonx.data versions 2.2 through 2.3.1, specifically within IBM Lakehouse. The issue arises because the application does not properly restrict inbound and outbound connections, potentially allowing an attacker to transfer or modify files without any limitations.

Impact

Exploitation of this vulnerability could lead to unauthorized file transfers or modifications, allowing for potential data manipulation or disruption.

Remediation

Users are advised to upgrade to the latest available version of watsonx.data 2.3.x or watsonx.data on CPD 5.3.x. Installation or upgrade instructions can be found in the IBM watsonx Subscription support documentation.

Added: May 26, 2026, 11:26 PM

Updated: May 26, 2026, 11:26 PM

Vulnerability Rating

Custom Algorithm

spread

3.1

impact

5.0

exploitability

5.2

remediation

7.7

relevance

9.6

threat

0.0

urgency

2.9

incentive

0.0

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Vulnerability Rating

Custom Algorithm

spread

3.1

impact

5.0

exploitability

5.2

remediation

7.7

relevance

9.6

threat

0.0

urgency

2.9

incentive

0.0

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

IBM watsonx.data Inbound and Outbound Connection Restriction Vulnerability Allowing Unrestricted File Transfer or Modification

Vulnerability

Impact

Remediation

Affected Products

IBM watsonx.data

CVSS Scores

References

Vulnerability Rating

Vulnerability Rating