CVE-2025-36328
MEDIUMDescription
IBM watsonx.data intelligence 5.2.0, 5.2.1, 5.2.2, 5.3.0 could allow a remote attacker to obtain sensitive information when a detailed technical error message is returned in the browser. This information could be used in further attacks against the system.
CVSS v3.1 Score
EPSS — Exploit Prediction
EPSS estimates the probability that this vulnerability will be exploited in the wild within the next 30 days. A higher score means more likely to be exploited.
Weakness Type (CWE)
Affected Products
| Vendor | Product |
|---|---|
| ibm | watsonx.data_intelligence |
| ibm | software_hub |
References
Advisories & Patches
Frequently Asked Questions
What is CVE-2025-36328? +
How severe is CVE-2025-36328? +
What products are affected by CVE-2025-36328? +
How do I check if I'm vulnerable to CVE-2025-36328? +
Related Vulnerabilities
A Generation of Error Message Containing Sensitive Information vulnerability in the Materialized View Refresh mechanism in Google BigQuery on Google …
User enumeration vulnerability in M3M Printer Server Web. This issue occurs during user authentication, where a difference in error messages …
The BGP daemon in Extreme Networks ExtremeXOS (aka EXOS) 30.7.1.1 allows an attacker (who is not on a directly connected …
Value provided in one of POST parameters sent during the process of logging in to Times Software E-Payroll is not …
A sensitive information disclosure vulnerability exists in the error handling component of ATISoluciones CIGES Application version 2.15.6 and earlier. When …
In the web management interface of Archer AX72 (SG) v1, the network diagnostic feature improperly handles invalid user input, resulting …