Primary

Context

IBM Lakehouse Information Disclosure Vulnerability in watsonx.data Component Version 2.2

Vulnerability

An information disclosure vulnerability has been identified in IBM Lakehouse, specifically in the watsonx.data component version 2.2. This vulnerability could allow an authenticated user to access sensitive server component version details, potentially facilitating further attacks against the system.

Impact

Exploitation of this vulnerability could lead to unauthorized access to sensitive server component version information, which could be used to plan and execute additional attacks against the system.

Remediation

Users can upgrade to IBM watsonx.data version 2.2.1 or version 2.2 on CPD 5.2.1. Installation or upgrade instructions are available in the IBM watsonx documentation.

Added: Sep 18, 2025, 4:28 PM

Updated: Sep 18, 2025, 4:28 PM

Vulnerability Rating

Custom Algorithm

spread

0.0

impact

2.5

exploitability

5.2

remediation

7.7

relevance

0.6

threat

0.0

urgency

2.9

incentive

1.7

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Vulnerability Rating

Custom Algorithm

spread

0.0

impact

2.5

exploitability

5.2

remediation

7.7

relevance

0.6

threat

0.0

urgency

2.9

incentive

1.7

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

IBM Lakehouse Information Disclosure Vulnerability in watsonx.data Component Version 2.2

Vulnerability

Impact

Remediation

Affected Products

CVSS Scores

References

Vulnerability Rating

Vulnerability Rating