CVE-2025-36327
MediumCVSS 6.5Exploitation Probability (EPSS)
Low risk30th percentile — higher than 30% of all known CVEs
Summary
A vulnerability in IBM watsonx.data intelligence versions 5.2.0, 5.2.1, 5.2.2, and 5.3.0 allows an authenticated user to bypass security controls and perform unauthorized actions due to client-side enforcement of server-side security.
Risk Assessment
The risk is that an authenticated user may gain access to functions or data they are not authorized to, potentially leading to a breach of confidentiality, integrity, or availability of the system.
Recommendation
It is recommended to immediately update IBM watsonx.data intelligence to the latest available version that includes a fix for this vulnerability, and to implement server-side security enforcement mechanisms.
Original NVD description (English source)
IBM watsonx.data intelligence 5.2.0, 5.2.1, 5.2.2, 5.3.0 could allow an authenticated user to bypass security controls and perform unauthorized actions due to client-side enforcement of sever-side security.

