Watson Studio
by IBM
CVEs (5)
| CVE | Vendor / Product | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2019-4335 | Med | 0.36 | 5.5 | 0.00 | Dec 30, 2019 | IBM Watson Studio Local 1.2.3 stores key files in the user's home directory which could be obtained by another local user. IBM X-Force ID: 161413. | ||
| CVE-2018-1682 | Med | 0.35 | 5.3 | 0.01 | Dec 30, 2019 | IBM Watson Studio Local 1.2.3 could disclose sensitive information over the network that an attacked could use in further attacks against the system. IBM X-Force ID: 145238. | ||
| CVE-2024-49340 | Med | 0.28 | 4.3 | 0.00 | Oct 16, 2024 | IBM Watson Studio Local 1.2.3 is vulnerable to cross-site request forgery which could allow an attacker to execute malicious and unauthorized actions transmitted from a user that the website trusts. | ||
| CVE-2025-33116 | 0.00 | — | 0.00 | Sep 25, 2025 | IBM Watson Studio 4.0 through 5.2.0 on Cloud Pak for Data is vulnerable to cross-site scripting. This vulnerability allows an authenticated user to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials… | |||
| CVE-2024-49790 | 0.00 | — | 0.00 | Aug 28, 2025 | IBM Watson Studio on Cloud Pak for Data 4.0 and 5.0 is vulnerable to cross-site scripting. This vulnerability allows an authenticated user to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure… |
- risk 0.36cvss 5.5epss 0.00
IBM Watson Studio Local 1.2.3 stores key files in the user's home directory which could be obtained by another local user. IBM X-Force ID: 161413.
- risk 0.35cvss 5.3epss 0.01
IBM Watson Studio Local 1.2.3 could disclose sensitive information over the network that an attacked could use in further attacks against the system. IBM X-Force ID: 145238.
- risk 0.28cvss 4.3epss 0.00
IBM Watson Studio Local 1.2.3 is vulnerable to cross-site request forgery which could allow an attacker to execute malicious and unauthorized actions transmitted from a user that the website trusts.
- CVE-2025-33116Sep 25, 2025risk 0.00cvss —epss 0.00
IBM Watson Studio 4.0 through 5.2.0 on Cloud Pak for Data is vulnerable to cross-site scripting. This vulnerability allows an authenticated user to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials…
- CVE-2024-49790Aug 28, 2025risk 0.00cvss —epss 0.00
IBM Watson Studio on Cloud Pak for Data 4.0 and 5.0 is vulnerable to cross-site scripting. This vulnerability allows an authenticated user to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure…