CVE-2024-22341 MEDIUM

CVE-2024-22341: IBM Watson Query on Cloud Pak for Data information disclosure

Vendor Ibm
Product Watson Query on Cloud Pak for Data
Weakness CWE-73
Published February 22, 2025
Last update September 30, 2025

CVSS base score

5.3/10
Attack vector Network
Attack complexity High
Privileges required Low
User interaction None
Confidentiality High
Integrity None

CVSS vector

CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N

What the vulnerability does

01Description

IBM Watson Query on Cloud Pak for Data 4.0.0 through 4.0.9, 4.5.0 through 4.5.3, 4.6.0 through 4.6.6, 4.7.0 through 4.7.4, and 4.8.0 through 4.8.7 could allow unauthorized data access from a remote data source object due to improper privilege management.

Key dates

02Disclosure timeline

February 22, 2025 CVE published
September 30, 2025 Record updated