DataStage on Cloud Pak for Data
by IBM
CVEs (6)
| CVE | Vendor / Product | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2025-13686 | 0.00 | — | 0.00 | Mar 3, 2026 | IBM DataStage on Cloud Pak for Data 5.1.2 through 5.3.0 could allow an authenticated user to execute arbitrary commands with normal user privileges on the system due to improper validation of user supplied input through the job subroutine component. | |||
| CVE-2025-13687 | 0.00 | — | 0.00 | Mar 3, 2026 | IBM DataStage on Cloud Pak for Data 5.1.2 through 5.3.0 could allow an authenticated user to execute arbitrary commands with normal user privileges on the system due to improper validation of user supplied input through the user-defined function component. | |||
| CVE-2025-13688 | 0.00 | — | 0.00 | Mar 3, 2026 | IBM DataStage on Cloud Pak for Data 5.1.2 through 5.3.0 could allow an authenticated user to execute arbitrary commands with normal user privileges on the system due to improper validation of user supplied input through the wrapped command component. | |||
| CVE-2025-13616 | 0.00 | — | 0.00 | Mar 3, 2026 | IBM DataStage on Cloud Pak for Data 5.1.2 through 5.3.0 returns sensitive information in an HTTP response that could be used in further attacks against the system. | |||
| CVE-2025-13689 | 0.00 | — | 0.00 | Feb 17, 2026 | IBM DataStage on Cloud Pak for Data could allow an authenticated user to execute arbitrary commands and gain access to sensitive information due to unrestricted file uploads. | |||
| CVE-2025-13691 | 0.00 | — | 0.00 | Feb 17, 2026 | IBM DataStage on Cloud Pak for Data 5.1.2 through 5.3.0 returns sensitive information in an HTTP response that could be used to impersonate other users in the system. |
- CVE-2025-13686Mar 3, 2026risk 0.00cvss —epss 0.00
IBM DataStage on Cloud Pak for Data 5.1.2 through 5.3.0 could allow an authenticated user to execute arbitrary commands with normal user privileges on the system due to improper validation of user supplied input through the job subroutine component.
- CVE-2025-13687Mar 3, 2026risk 0.00cvss —epss 0.00
IBM DataStage on Cloud Pak for Data 5.1.2 through 5.3.0 could allow an authenticated user to execute arbitrary commands with normal user privileges on the system due to improper validation of user supplied input through the user-defined function component.
- CVE-2025-13688Mar 3, 2026risk 0.00cvss —epss 0.00
IBM DataStage on Cloud Pak for Data 5.1.2 through 5.3.0 could allow an authenticated user to execute arbitrary commands with normal user privileges on the system due to improper validation of user supplied input through the wrapped command component.
- CVE-2025-13616Mar 3, 2026risk 0.00cvss —epss 0.00
IBM DataStage on Cloud Pak for Data 5.1.2 through 5.3.0 returns sensitive information in an HTTP response that could be used in further attacks against the system.
- CVE-2025-13689Feb 17, 2026risk 0.00cvss —epss 0.00
IBM DataStage on Cloud Pak for Data could allow an authenticated user to execute arbitrary commands and gain access to sensitive information due to unrestricted file uploads.
- CVE-2025-13691Feb 17, 2026risk 0.00cvss —epss 0.00
IBM DataStage on Cloud Pak for Data 5.1.2 through 5.3.0 returns sensitive information in an HTTP response that could be used to impersonate other users in the system.