CNNVD-202508-3670 Information
CNNVD ID
CNNVD-202508-3670
Related CVE
- CNNVD Published: 2025-08-30
Description (Chinese)
IBM watsonx Orchestrate Cartridge for IBM Cloud Pak for Data是美国国际商业机器(IBM)公司的一个数据和AI平台。 IBM watsonx Orchestrate Cartridge for IBM Cloud Pak for Data 4.8.4版本、4.8.5版本和5.0.0至5.2.0版本存在SQL注入漏洞,该漏洞源于远程攻击者可以发送特制的SQL语句,这些语句允许攻击者查看、添加、修改或删除后端数据库中的信息。
Description (English)
IBM Washington State for IBM Cloud Pak for Data is a data and AI platform for the United States International Business Machine (IBM). IBM Watsonx Orchestrate Cartridge for IBM Cloud Pak for Data 4.8.4, 4.8.5 and 5.0.0 to 5.2.0 has an injection loophole in SQL, which results from the remote assailant ’ s ability to send specially designed SQL statements that allow the assailant to view, add, modify or delete information from the backend database.
Hazard Level
Medium
Vulnerability Type
SQL注入
Affected Vendor
国际商业机器
Published
2025-08-30
Last Modified
2026-02-24
References
https://www.ibm.com/support/pages/node/7243596 https://access.redhat.com/security/cve/cve-2025-0165 https://nvd.nist.gov/vuln/detail/CVE-2025-0165
Patch
https://www.ibm.com/support/pages/node/7243596
Share on: