Severity by source
AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N
Network-reachable SSRF requiring authenticated low-privilege access; impact limited to partial confidentiality via internal network enumeration with no integrity or availability consequence.
Primary rating from Vendor (ibm).
CVSS VectorVendor: ibm
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N
Lifecycle Timeline
1DescriptionCVE.org
IBM watsonx.data intelligence 5.2.0, 5.2.1, 5.2.2, 5.3.0 s vulnerable to server-side request forgery (SSRF). This may allow an authenticated attacker to send unauthorized requests from the system, potentially leading to network enumeration or facilitating other attacks.
AnalysisAI
Server-side request forgery in IBM watsonx.data intelligence versions 5.2.0 through 5.3.0 enables authenticated attackers to coerce the server into issuing arbitrary outbound HTTP requests to attacker-controlled destinations. The CVSS vector (PR:L) confirms exploitation requires a valid account, but no elevated privileges are needed beyond basic authentication. Primary impact is internal network enumeration and potential pivoting to services that trust the watsonx.data host, rather than direct data exfiltration. No public exploit code or CISA KEV listing has been identified at time of analysis.
Technical ContextAI
CWE-918 (Server-Side Request Forgery) describes a class of vulnerability where an application fetches a remote resource based on user-supplied input without adequate URL validation or allowlisting. IBM watsonx.data intelligence is an enterprise lakehouse platform that integrates with data sources and external services, making it architecturally plausible that URL-handling functionality exists within its data connector or API layers. The affected CPE (cpe:2.3:a:ibm:watsonx.data_intelligence:*:*:*:*:*:*:*:*) covers the intelligence tier of the watsonx.data product family across versions 5.2.0, 5.2.1, 5.2.2, and 5.3.0. The CVSS vector AV:N/AC:L confirms the attack surface is reachable over a network with no special configuration complexity, meaning any accessible API endpoint that accepts a URL parameter is a candidate entry point.
RemediationAI
Apply the vendor-supplied patch per IBM's advisory at https://www.ibm.com/support/pages/node/7277801. The exact remediated version number is not independently confirmed from available data - consult the IBM advisory directly to identify the specific fix version and upgrade path. As a compensating control prior to patching, restrict the network egress of the watsonx.data intelligence host to a defined allowlist of legitimate data source endpoints, blocking arbitrary outbound HTTP/HTTPS to internal RFC-1918 ranges and cloud metadata endpoints (e.g., 169.254.169.254); this limits the utility of SSRF even if triggered. Additionally, enforce strong account hygiene and least-privilege access to reduce the pool of authenticated users who could trigger the flaw. Note that egress filtering may impact legitimate data connector functionality and should be tested before enforcement.
More in Watsonx Data Intelligence
View allClient-side enforcement of server-side security in IBM watsonx.data Intelligence versions 5.2.0 through 5.3.0 allows an
Stored cross-site scripting in IBM watsonx.data intelligence versions 5.2.0 through 5.3.0 allows authenticated low-privi
Cleartext data transmission in IBM watsonx.data intelligence versions 5.2.2 through 5.3.1 (including patch-1) exposes se
Cleartext transmission in IBM watsonx.data intelligence versions 5.2.0 through 5.3.0 exposes sensitive data to intercept
HTML injection in IBM watsonx.data Intelligence versions 5.2.0 through 5.3.0 enables a remote authenticated attacker to
Cross-site scripting in IBM watsonx.data Intelligence 5.2.0 through 5.3.0 allows low-privileged authenticated users to i
Temporary denial of service in IBM watsonx.data intelligence 5.2.0 through 5.3.0 is achievable by authenticated users wh
IBM watsonx.data Intelligence versions 5.2.0 through 5.3.0 leak sensitive technical information to the browser via verbo
IBM watsonx.data Intelligence versions 5.2.0 through 5.3.0 exposes authenticated users to unauthorized action execution
Same weakness CWE-918 – Server-Side Request Forgery (SSRF)
View allShare
External POC / Exploit Code
Leaving vuln.today
EUVD-2025-210379
GHSA-wccc-w6wf-ghf3