CVE-2025-36145

Published: Mag 26, 2026 Last Modified: Mag 26, 2026

ExploitDB:

Other exploit source:

Google Dorks:

MEDIUM 5,4

Source: [email protected]

Attack Vector: network

Attack Complexity: low

Privileges Required: low

User Interaction: none

Scope: unchanged

Confidentiality: low

Integrity: low

Availability: none

Description

AI Translation Available

IBM watsonx.data 2.2 through 2.3.1 IBM Lakehouse does not properly restrict inbound and outbound connections which could allow an attacker to transfer or modify files without restrictions.

923

Improper Restriction of Communication Channel to Intended Endpoints

Incomplete

Abstraction: Class Structure: Simple

Common Consequences

Security Scopes Affected:

Integrity Confidentiality

Potential Impacts:

Gain Privileges Or Assume Identity

Applicable Platforms

Technologies: Not Technology-Specific, Web Based, Web Server

View CWE Details

https://www.ibm.com/support/pages/node/7272498

CVE-2025-36145

Description

Improper Restriction of Communication Channel to Intended Endpoints

Common Consequences

Applicable Platforms

Iscriviti alla newsletter