Vulnerability Details
Basic Information
| Title | Security Bulletin: Several vulnerabilities affect Watson Machine Learning Accelerator on Cloud Pak for Data 5.0.0 |
|---|---|
| Type | ibm |
| Published | 2025-04-29T02:33:18 |
| Last Seen | 2025-04-29T11:05:59 |
| CVSS Score | 7.8 (HIGH) |
CVSS v3 Details
| Attack Vector | LOCAL |
|---|---|
| Attack Complexity | LOW |
| Privileges Required | NONE |
| User Interaction | REQUIRED |
| Scope | UNCHANGED |
| Confidentiality Impact | HIGH |
| Integrity Impact | HIGH |
| Availability Impact | HIGH |
CVE Information
| CVE IDs | CVE-2018-20225, CVE-2022-25882, CVE-2023-25193, CVE-2024-25026, CVE-2024-27318, CVE-2024-28102, CVE-2024-34069, CVE-2024-3568 |
|---|---|
| CWE | |
| Bulletin Family | software |
Description
Several vulnerabilities in Watson Machine Learning Accelerator on Cloud Pak for Data 5.0.0 have been fixed in Watson Machine Learning Accelerator on Cloud Pak for Data 5.0 latest refresh.
## Vulnerability Details
**CVEID:** CVE-2024-3568
**DESCRIPTION:** Hugging Face Transformers could allow a remote attacker to execute arbitrary code on the system, caused by unsafe deserialization in the load_repo_checkpoint() function of the TFPreTrainedModel() class. By persuading a victim to load a specially crafted payload during a normal training process, an attacker could exploit this vulnerability to execute arbitrary code on the system.
**CWE:** CWE-502: Deserialization of Untrusted Data
**CVSS Source:** IBM X-Force
**CVSS Base score:** 3.4
**CVSS Vector:** (CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:C/C:N/I:N/A:L)
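As an added example (not code from the bulletin, from IBM or from Hugging Face), the following Python shows the class of defect behind this CVE and one containment for it: a training checkpoint restored with `pickle` runs whatever callable the pickle stream names, so a loader that resolves globals only from an allowlist refuses the malicious stream before anything is invoked. The checkpoint contents, the `MaliciousCheckpoint` class and the `SAFE_GLOBALS` allowlist are constructed for this example.

```python
import io
import os
import pickle

# Allowlist of (module, name) globals a plain checkpoint may resolve.
# Constructed for this example; extend it deliberately, never with wildcards.
SAFE_GLOBALS = {
    ("builtins", "dict"),
    ("builtins", "list"),
    ("collections", "OrderedDict"),
}


class RestrictedUnpickler(pickle.Unpickler):
    """Unpickler that refuses every GLOBAL/STACK_GLOBAL lookup not on the allowlist."""

    def find_class(self, module, name):
        if (module, name) in SAFE_GLOBALS:
            return super().find_class(module, name)
        # Raising here aborts the load before the referenced callable is ever called.
        raise pickle.UnpicklingError(f"refusing to resolve {module}.{name}")


def safe_load_checkpoint(data: bytes):
    return RestrictedUnpickler(io.BytesIO(data)).load()


class MaliciousCheckpoint:
    """Stand-in for an attacker-crafted checkpoint object (constructed for the example).

    __reduce__ makes pickle serialise this object as a call to os.system(...),
    which a plain pickle.load() would execute at load time.
    """

    def __reduce__(self):
        return (os.system, ("echo pwned",))


def benign_checkpoint_bytes() -> bytes:
    # Plain data types need no global lookups at all, so they load under the allowlist.
    return pickle.dumps({"epoch": 3, "lr": 1e-4, "weights": [0.1, 0.2]})


def malicious_checkpoint_bytes() -> bytes:
    # Serialising is harmless; only deserialising with a permissive loader runs the command.
    return pickle.dumps(MaliciousCheckpoint())


def try_load(data: bytes):
    """Return ("ok", obj) or ("rejected", reason) without letting the stream run code."""
    try:
        return ("ok", safe_load_checkpoint(data))
    except pickle.UnpicklingError as exc:
        return ("rejected", str(exc))


if __name__ == "__main__":
    print(try_load(benign_checkpoint_bytes()))
    print(try_load(malicious_checkpoint_bytes()))
```

The allowlist unpickler is a last line of defence, not a substitute for the real fix: prefer non-executable weight formats (for example safetensors) and treat any pickle-based checkpoint from a repository or shared storage as untrusted input, because an allowlisted callable can itself be abused.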
**CVEID:** CVE-2024-25026
**DESCRIPTION:** IBM WebSphere Application Server 8.5, 9.0 and IBM WebSphere Application Server Liberty 17.0.0.3 through 24.0.0.4 are vulnerable to a denial of service, caused by sending a specially crafted request. A remote attacker could exploit this vulnerability to cause the server to consume memory resources. IBM X-Force ID: 281516.
**CWE:** CWE-770: Allocation of Resources Without Limits or Throttling
**CVSS Source:** IBM X-Force
**CVSS Base score:** 5.9
**CVSS Vector:** (CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H)
**CVEID:** CVE-2018-20225
**DESCRIPTION:** pip could allow a local attacker to execute arbitrary code on the system, caused by the behaviour of the --extra-index-url option: candidates from every configured index are pooled together and the highest version wins. By publishing a package with the same name as a private package and a higher version number to a public index, an attacker could exploit this vulnerability to have the malicious package installed and execute arbitrary code on the system. Note: This vulnerability is disputed, since the reported behaviour is the intended functionality and the user is responsible for using --extra-index-url securely.
**CWE:** CWE-20: Improper Input Validation
**CVSS Source:** IBM X-Force
**CVSS Base score:** 7.8
**CVSS Vector:** (CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H)
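To make the dependency-confusion mechanic concrete, here is an added Python example (not from the bulletin, IBM or pip itself) that models how pip treats `--index-url` and `--extra-index-url` as one candidate pool, shows how a higher public version wins over the private package, and provides the audit check a practitioner would run against their own index. The index contents, package names and `acme-internal-utils` are constructed for the example; the version comparison is a simplified stand-in for PEP 440 ordering.

```python
# Constructed index contents. In reality these are the "simple" pages of the
# private index (--index-url) and of PyPI (--extra-index-url).
PRIVATE_INDEX = {
    "acme-internal-utils": ["1.2.0", "1.3.0"],
}
PUBLIC_INDEX = {
    "requests": ["2.31.0", "2.32.3"],
    # Attacker-registered name shadowing the private package with a higher version.
    "acme-internal-utils": ["99.0.0"],
}


def parse_version(v: str) -> tuple:
    # Simplified ordering for dotted release versions (no pre-releases, not PEP 440).
    return tuple(int(p) for p in v.split("."))


def resolve_like_pip(name, indexes, pinned=None):
    """Model pip's selection: every index is one candidate pool and the highest
    version satisfying the requirement wins, whichever index served it.
    Returns (version, index_name)."""
    candidates = []
    for index_name, index in indexes:
        for v in index.get(name, []):
            if pinned is None or v == pinned:
                candidates.append((parse_version(v), index_name, v))
    if not candidates:
        raise LookupError(f"no candidate for {name}")
    _, index_name, version = max(candidates)
    return version, index_name


def confusable_packages(private_index, public_index):
    """Private package names that also exist publicly with a version that would
    out-rank the private one under the pooled resolution above."""
    at_risk = []
    for name, versions in private_index.items():
        public = public_index.get(name, [])
        if public and max(map(parse_version, public)) > max(map(parse_version, versions)):
            at_risk.append(name)
    return sorted(at_risk)


if __name__ == "__main__":
    both = [("private", PRIVATE_INDEX), ("public", PUBLIC_INDEX)]
    print(resolve_like_pip("acme-internal-utils", both))                 # public 99.0.0 wins
    print(resolve_like_pip("acme-internal-utils", both, pinned="1.3.0"))  # pin keeps it private
    print(confusable_packages(PRIVATE_INDEX, PUBLIC_INDEX))
```

Three controls follow from the model: point `--index-url` at a single proxy that serves private names exclusively instead of adding a public index with `--extra-index-url`; pin with `==` and install with `--require-hashes`, since a pin alone does not help if the attacker uploads the same version string; and register the private names on the public index so they cannot be claimed.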
**CVEID:** CVE-2024-28102
**DESCRIPTION:** JWCrypto is vulnerable to a denial of service, caused by improper input validation. By sending a specially crafted JWE token with a high compression ratio, a remote authenticated attacker could exploit this vulnerability to cause a denial of service condition.
**CWE:** CWE-770: Allocation of Resources Without Limits or Throttling
**CVSS Source:** CVE.org
**CVSS Base score:** 6.8
**CVSS Vector:** (CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:N/I:N/A:H)
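The added Python example below (not from the bulletin, IBM or JWCrypto) shows the decompression-bomb pattern behind this CVE and the cap that defeats it. JWE's `"zip":"DEF"` is raw DEFLATE, so a few kilobytes of ciphertext can inflate to many megabytes of plaintext; the bounded inflater asks zlib for at most `limit + 1` bytes and rejects the token if the stream does not end within the limit. The `MAX_PLAINTEXT` value and both payloads are constructed for the example.

```python
import zlib

# Cap on the decompressed size of a JWE plaintext; a constructed value for the example.
MAX_PLAINTEXT = 64 * 1024


def deflate(data: bytes) -> bytes:
    # RFC 7516 "zip":"DEF" is raw DEFLATE without a zlib header, hence wbits=-15.
    c = zlib.compressobj(9, zlib.DEFLATED, -15)
    return c.compress(data) + c.flush()


def inflate_unbounded(data: bytes) -> bytes:
    # The naive implementation: allocate whatever the stream expands to.
    return zlib.decompress(data, -15)


def inflate_bounded(data: bytes, limit: int = MAX_PLAINTEXT) -> bytes:
    d = zlib.decompressobj(-15)
    # zlib stops producing output at max_length and parks the remaining input
    # in unconsumed_tail, so memory use is bounded whatever the ratio is.
    out = d.decompress(data, limit + 1)
    if len(out) > limit or not d.eof:
        raise ValueError("decompressed size exceeds limit")
    return out


def legitimate_payload() -> bytes:
    return b'{"sub":"alice","scope":"read"}'


def bomb_payload() -> bytes:
    # 8 MiB of zeros: a few KiB on the wire, megabytes after inflation.
    return deflate(b"\x00" * (8 * 1024 * 1024))


def inflate_result(compressed: bytes):
    """("ok", plaintext) or ("rejected", reason) for a bounded inflate."""
    try:
        return ("ok", inflate_bounded(compressed))
    except ValueError as exc:
        return ("rejected", str(exc))


if __name__ == "__main__":
    bomb = bomb_payload()
    print(len(bomb), "compressed bytes")
    print(inflate_result(deflate(legitimate_payload())))
    print(inflate_result(bomb))
```

Because the compressed payload is inside the encrypted part of the JWE, the check has to sit after decryption and before the plaintext is handed to the application; the fact that the attacker must hold a valid key for the recipient is why the vector above records PR:H rather than PR:N.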
**CVEID:** CVE-2024-34069
**DESCRIPTION:** Pallets Werkzeug could allow a remote attacker to execute arbitrary code on the system, caused by improper usage of a pathname and improper CSRF protection in the debugger. By persuading a victim to interact with a domain and subdomain they control, enter the debugger PIN and guess a URL in the developer's application that will trigger the debugger, an attacker could exploit this vulnerability to execute arbitrary code on the system.
**CWE:** CWE-352: Cross-Site Request Forgery (CSRF)
**CVSS Source:** IBM X-Force
**CVSS Base score:** 7.5
**CVSS Vector:** (CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H)
**CVEID:** CVE-2024-27318
**DESCRIPTION:** Versions of the package onnx before and including 1.15.0 are vulnerable to directory traversal, as the external_data field of the tensor proto can hold a path to a file outside the model's current directory or the user-provided directory. The vulnerability is a bypass of the patch added for CVE-2022-25882.
**CWE:** CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')
**CVSS Source:** NVD
**CVSS Base score:** 7.5
**CVSS Vector:** (CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N)
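The check below is an added Python example (not from the bulletin, IBM or the onnx project) of the containment rule that both CVE-2022-25882 and this bypass are about: the `location` of a tensor's external data must resolve to a path inside the model directory after every `.` and `..` segment has been normalised, and absolute locations are refused outright. The model directory and the tensor entries are constructed stand-ins for the `external_data` key/value pairs of an ONNX TensorProto.

```python
from pathlib import PurePosixPath

# Constructed stand-in for the external_data entries of ONNX tensors:
# each tensor carries a "location" that is supposed to be relative to the model file.
MODEL_DIR = "/models/resnet"
TENSORS = [
    {"name": "conv1.weight", "location": "weights/conv1.bin"},
    {"name": "fc.bias", "location": "weights/./fc.bin"},
    {"name": "evil_dotdot", "location": "../../etc/passwd"},
    {"name": "evil_mixed", "location": "weights/../../other/secret.bin"},
    {"name": "evil_absolute", "location": "/etc/shadow"},
]


def safe_external_data_path(model_dir: str, location: str) -> PurePosixPath:
    """Join `location` onto `model_dir` lexically and refuse any result that
    leaves `model_dir`. Raises ValueError on traversal or absolute locations."""
    base = PurePosixPath(model_dir)
    if not base.is_absolute():
        raise ValueError("model_dir must be absolute")
    if not location:
        raise ValueError("empty location")
    loc = PurePosixPath(location)
    if loc.is_absolute():
        raise ValueError(f"absolute location not allowed: {location}")
    # Normalise "." and ".." segments without touching the filesystem.
    parts = []
    for part in (base / loc).parts:
        if part == ".":
            continue
        if part == "..":
            if len(parts) > 1:      # never pop the root itself
                parts.pop()
            continue
        parts.append(part)
    resolved = PurePosixPath(*parts)
    if resolved != base and base not in resolved.parents:
        raise ValueError(f"location escapes model directory: {location}")
    return resolved


def is_rejected(model_dir: str, location: str) -> bool:
    try:
        safe_external_data_path(model_dir, location)
        return False
    except ValueError:
        return True


def check_model(model_dir: str, tensors):
    """Map each tensor name to its resolved path or a REJECTED reason."""
    report = {}
    for t in tensors:
        try:
            report[t["name"]] = str(safe_external_data_path(model_dir, t["location"]))
        except ValueError as exc:
            report[t["name"]] = f"REJECTED: {exc}"
    return report


if __name__ == "__main__":
    for name, outcome in check_model(MODEL_DIR, TENSORS).items():
        print(f"{name}: {outcome}")
```

The check is purely lexical, which is what makes it deterministic and testable; on a real filesystem a symlink placed inside the model directory can still point outside it, so the loader should additionally compare `os.path.realpath` of the final path against the model directory, and the same containment rule applies when a model archive is unpacked.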
**CVEID:** CVE-2023-25193
**DESCRIPTION:** HarfBuzz is vulnerable to a denial of service, caused by an error in hb-ot-layout-gsubgpos.hh. By using consecutive marks during the process of looking back for base glyphs when attaching marks, a remote attacker could exploit this vulnerability to trigger O(n^2) growth and cause a denial of service.
**CWE:** CWE-770: Allocation of Resources Without Limits or Throttling
**CVSS Source:** IBM X-Force
**CVSS Base score:** 7.5
**CVSS Vector:** (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H)
## Affected Products and Versions
| Affected Product(s) | Version(s) |
|---|---|
| Watson Machine Learning Accelerator on Cloud Pak for Data | 5.0.0 |
## Remediation/Fixes
To address the vulnerabilities, upgrade Watson Machine Learning Accelerator on Cloud Pak for Data from the current version to the 5.0 latest refresh. Follow the upgrade instructions here.
## Workarounds and Mitigations
None
Impact Assessment
| Base Score | 7.8 |
|---|---|
| Severity | HIGH |