IBM watsonx.data intelligence Plain Text Credential Storage Vulnerability
Vulnerability
A vulnerability exists in IBM watsonx.data intelligence versions 5.2.0, 5.2.1, 5.3.0, and 5.3.1, where user credentials are stored in plain text, allowing local users to read them. This issue arises from improper input validation, leading to a prototype pollution vulnerability that can be exploited to modify the prototype of parsed YAML documents, potentially causing denial-of-service conditions or arbitrary file overwrites.
Impact
Exploitation of this vulnerability could lead to unauthorized access to user credentials, with potential for further exploitation depending on the user's privileges.
Remediation
Users are advised to update to version 5.3.1-patch3. Instructions for downloading this patch are available on the IBM Software Hub.
