CVE-2025-13691 | THREATINT

Description

IBM DataStage on Cloud Pak for Data 5.1.2 through 5.3.0 returns sensitive information in an HTTP response that could be used to impersonate other users in the system.

PUBLISHED Reserved 2025-11-25 | Published 2026-02-17 | Updated 2026-02-19 | Assigner ibm

HIGH: 8.1CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N

Problem types

CWE-497 Exposure of Sensitive System Information to an Unauthorized Control Sphere

Product status

5.1.2 (semver)

affected

References

www.ibm.com/support/pages/node/7259956 vendor-advisory patch

cve.org (CVE-2025-13691)

nvd.nist.gov (CVE-2025-13691)

Download JSON