CVE Catalog

CVE-2025-12530

MediumCVSS 5.9
Published: Updated: Translated: NVD NIST

Exploitation Probability (EPSS)

Low risk
0.20%

10th percentile — higher than 10% of all known CVEs

Summary

IBM watsonx.data intelligence versions 5.2.2, 5.3.0, 5.3.1, and 5.3.1 through patch-1 transmit data in clear text. This allows an attacker to obtain sensitive information using man-in-the-middle techniques.

Risk Assessment

The organization is at risk of sensitive data leakage, such as passwords or API keys, which could lead to system compromise and loss of customer trust.

Recommendation

Immediately update IBM watsonx.data intelligence to the latest available version that fixes this vulnerability. In the meantime, enforce encryption (e.g., TLS) at the network level.

Original NVD description (English source)

IBM watsonx.data intelligence 5.2.2, 5.3.0, 5.3.1, 5.3.1 through patch-1 transmits data in clear text that could allow an attacker to obtain sensitive information using man in the middle techniques.

Vulnerability data from NVD (NIST) · CISA KEV · EPSS