Multiple vulnerabilities affect IBM Db2® on Cloud Pak for Data,...

6 / 10

MEDIUM

CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:L/I:H/A:L

Description

IBM Db2 on Cloud Pak for Data and Db2 Warehouse on Cloud Pak for Data versions 4.8, 5.0, 5.1, 5.2, 5.3 could allow a privileged user to perform operations and obtain sensitive information outside of their authority due to improper token validation.

Basic Information

ID CVE-2025-2669

Source ibm

Published Jun 22, 2026 at 13:18

Affected Product

Vendor IBM

Product Db2 on Cloud Pak for Data and Db2 Warehouse on Cloud Pak for Data

Version 4.8.0

Affected Versions IBM Db2 on Cloud Pak for Data and Db2 Warehouse on Cloud Pak for Data 4.8.0
IBM Db2 on Cloud Pak for Data and Db2 Warehouse on Cloud Pak for Data 5.0.0

CWE Classification

CWE-295

References

www.ibm.com /support/pages/node/7277112

{
    "lastseen": "",
    "description": "IBM Db2 on Cloud Pak for Data and Db2 Warehouse on Cloud Pak for Data versions 4.8, 5.0, 5.1, 5.2, 5.3 could allow a privileged user to perform operations and obtain sensitive information outside of their authority due to improper token validation.",
    "published": "2026-06-22T13:18:42.153Z",
    "modified": "2026-06-22T13:18:42.153Z",
    "type": "cve",
    "title": "Multiple vulnerabilities affect IBM Db2\u00ae on Cloud Pak for Data, and Db2 Warehouse on Cloud Pak for Data.",
    "source": "ibm",
    "references": "https://www.ibm.com/support/pages/node/7277112",
    "id": "CVE-2025-2669",
    "bulletinFamily": "",
    "cwe": [
        "CWE-295"
    ],
    "cvelist": null,
    "sourceData": "IBM Db2 on Cloud Pak for Data and Db2 Warehouse on Cloud Pak for Data 4.8.0\nIBM Db2 on Cloud Pak for Data and Db2 Warehouse on Cloud Pak for Data 5.0.0",
    "sourceHref": "",
    "cvss": {
        "score": 6,
        "severity": "MEDIUM",
        "vector": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:L/I:H/A:L",
        "version": "3.1"
    },
    "cvss2": [],
    "cvss3": {
        "version": "",
        "vectorString": "",
        "baseScore": 0,
        "baseSeverity": "",
        "attackVector": "",
        "attackComplexity": "",
        "privilegesRequired": "",
        "userInteraction": "",
        "scope": "",
        "confidentialityImpact": "",
        "integrityImpact": "",
        "availabilityImpact": "",
        "cvssV3": {
            "version": "",
            "vectorString": "",
            "baseScore": 0,
            "baseSeverity": "",
            "attackVector": "",
            "attackComplexity": "",
            "privilegesRequired": "",
            "userInteraction": "",
            "scope": "",
            "confidentialityImpact": "",
            "integrityImpact": "",
            "availabilityImpact": ""
        }
    },
    "href": "",
    "category_name": "CVE",
    "post_link": "",
    "product": "Db2 on Cloud Pak for Data and Db2 Warehouse on Cloud Pak for Data",
    "version": "4.8.0",
    "vendor": "IBM",
    "ai_description": "",
    "ai_severity": "",
    "ai_vendor": "",
    "ai_product": "",
    "ai_version": "",
    "ai_score": 0
}

Multiple vulnerabilities affect IBM Db2® on Cloud Pak for Data, and Db2 Warehouse on Cloud Pak for Data._CVE-2025-2669