{"dataType": "CVE_RECORD", "dataVersion": "5.2", "cveMetadata": {"cveId": "CVE-2025-13688", "assignerOrgId": "9a959283-ebb5-44b6-b705-dcc2bbced522", "state": "PUBLISHED", "assignerShortName": "ibm", "dateReserved": "2025-11-25T20:00:35.162Z", "datePublished": "2026-03-03T20:44:40.905Z", "dateUpdated": "2026-03-03T21:30:47.045Z"}, "containers": {"cna": {"affected": [{"cpes": ["cpe:2.3:a:ibm:datastage_on_cloud_pak_for_data:5.1.2:*:*:*:*:*:*:*", "cpe:2.3:a:ibm:datastage_on_cloud_pak_for_data:5.3.0:*:*:*:*:*:*:*"], "product": "DataStage on Cloud Pak for Data", "vendor": "IBM", "versions": [{"lessThanOrEqual": "5.3.0", "status": "affected", "version": "5.1.2", "versionType": "semver"}]}], "descriptions": [{"lang": "en", "supportingMedia": [{"base64": false, "type": "text/html", "value": "<p>IBM DataStage on Cloud Pak for Data 5.1.2 through 5.3.0 could allow an authenticated user to execute arbitrary commands with normal user privileges on the system due to improper validation of user supplied input through the wrapped command component.</p>"}], "value": "IBM DataStage on Cloud Pak for Data 5.1.2 through 5.3.0 could allow an authenticated user to execute arbitrary commands with normal user privileges on the system due to improper validation of user supplied input through the wrapped command component."}], "metrics": [{"cvssV3_1": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "LOW", "baseScore": 6.3, "baseSeverity": "MEDIUM", "confidentialityImpact": "LOW", "integrityImpact": "LOW", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L", "version": "3.1"}, "format": "CVSS", "scenarios": [{"lang": "en", "value": "GENERAL"}]}], "problemTypes": [{"descriptions": [{"cweId": "CWE-78", "description": "CWE-78 Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')", "lang": "en", "type": "CWE"}]}], "providerMetadata": {"orgId": "9a959283-ebb5-44b6-b705-dcc2bbced522", "shortName": "ibm", "dateUpdated": "2026-03-03T20:44:40.905Z"}, "references": [{"tags": ["vendor-advisory", "patch"], "url": "https://www.ibm.com/support/pages/node/7262347"}], "solutions": [{"lang": "en", "supportingMedia": [{"base64": false, "type": "text/html", "value": "<p>IBM strongly recommends addressing the vulnerability now by upgrading. Product(s) Version(s) number and/or range Remediation/Fix/Instructions DataStage on Cloud Pak for Data 5.1.2 - 5.3.0 Upgrade to version 5.3.1 or later</p>"}], "value": "IBM strongly recommends addressing the vulnerability now by upgrading. Product(s) Version(s) number and/or range Remediation/Fix/Instructions DataStage on Cloud Pak for Data 5.1.2 - 5.3.0 Upgrade to version 5.3.1 or later"}], "title": "DataStage on Cloud Pak for Data is vulnerable to arbitrary code injection due to runtime environment", "x_generator": {"engine": "ibm-cvegen"}}, "adp": [{"metrics": [{"other": {"type": "ssvc", "content": {"timestamp": "2026-03-03T21:30:35.882396Z", "id": "CVE-2025-13688", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "partial"}], "role": "CISA Coordinator", "version": "2.0.3"}}}], "title": "CISA ADP Vulnrichment", "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2026-03-03T21:30:47.045Z"}}]}}

{"dataType": "CVE_RECORD", "containers": {"adp": [{"title": "CISA ADP Vulnrichment", "metrics": [{"other": {"type": "ssvc", "content": {"id": "CVE-2025-13688", "role": "CISA Coordinator", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "partial"}], "version": "2.0.3", "timestamp": "2026-03-03T21:30:35.882396Z"}}}], "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2026-03-03T21:30:39.373Z"}}], "cna": {"title": "DataStage on Cloud Pak for Data is vulnerable to arbitrary code injection due to runtime environment", "metrics": [{"format": "CVSS", "cvssV3_1": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 6.3, "attackVector": "NETWORK", "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L", "integrityImpact": "LOW", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "LOW", "privilegesRequired": "LOW", "confidentialityImpact": "LOW"}, "scenarios": [{"lang": "en", "value": "GENERAL"}]}], "affected": [{"cpes": ["cpe:2.3:a:ibm:datastage_on_cloud_pak_for_data:5.1.2:*:*:*:*:*:*:*", "cpe:2.3:a:ibm:datastage_on_cloud_pak_for_data:5.3.0:*:*:*:*:*:*:*"], "vendor": "IBM", "product": "DataStage on Cloud Pak for Data", "versions": [{"status": "affected", "version": "5.1.2", "versionType": "semver", "lessThanOrEqual": "5.3.0"}]}], "solutions": [{"lang": "en", "value": "IBM strongly recommends addressing the vulnerability now by upgrading. Product(s) Version(s) number and/or range Remediation/Fix/Instructions DataStage on Cloud Pak for Data 5.1.2 - 5.3.0 Upgrade to version 5.3.1 or later", "supportingMedia": [{"type": "text/html", "value": "<p>IBM strongly recommends addressing the vulnerability now by upgrading. Product(s) Version(s) number and/or range Remediation/Fix/Instructions DataStage on Cloud Pak for Data 5.1.2 - 5.3.0 Upgrade to version 5.3.1 or later</p>", "base64": false}]}], "references": [{"url": "https://www.ibm.com/support/pages/node/7262347", "tags": ["vendor-advisory", "patch"]}], "x_generator": {"engine": "ibm-cvegen"}, "descriptions": [{"lang": "en", "value": "IBM DataStage on Cloud Pak for Data 5.1.2 through 5.3.0 could allow an authenticated user to execute arbitrary commands with normal user privileges on the system due to improper validation of user supplied input through the wrapped command component.", "supportingMedia": [{"type": "text/html", "value": "<p>IBM DataStage on Cloud Pak for Data 5.1.2 through 5.3.0 could allow an authenticated user to execute arbitrary commands with normal user privileges on the system due to improper validation of user supplied input through the wrapped command component.</p>", "base64": false}]}], "problemTypes": [{"descriptions": [{"lang": "en", "type": "CWE", "cweId": "CWE-78", "description": "CWE-78 Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')"}]}], "providerMetadata": {"orgId": "9a959283-ebb5-44b6-b705-dcc2bbced522", "shortName": "ibm", "dateUpdated": "2026-03-03T20:44:40.905Z"}}}, "cveMetadata": {"cveId": "CVE-2025-13688", "state": "PUBLISHED", "dateUpdated": "2026-03-03T21:30:47.045Z", "dateReserved": "2025-11-25T20:00:35.162Z", "assignerOrgId": "9a959283-ebb5-44b6-b705-dcc2bbced522", "datePublished": "2026-03-03T20:44:40.905Z", "assignerShortName": "ibm"}, "dataVersion": "5.2"}

{"cveTags": [], "descriptions": [{"lang": "en", "value": "IBM DataStage on Cloud Pak for Data 5.1.2 through 5.3.0 could allow an authenticated user to execute arbitrary commands with normal user privileges on the system due to improper validation of user supplied input through the wrapped command component."}], "id": "CVE-2025-13688", "lastModified": "2026-03-03T21:52:29.877", "metrics": {"cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "LOW", "baseScore": 6.3, "baseSeverity": "MEDIUM", "confidentialityImpact": "LOW", "integrityImpact": "LOW", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L", "version": "3.1"}, "exploitabilityScore": 2.8, "impactScore": 3.4, "source": "[email protected]", "type": "Primary"}]}, "published": "2026-03-03T21:15:56.287", "references": [{"source": "[email protected]", "url": "https://www.ibm.com/support/pages/node/7262347"}], "sourceIdentifier": "[email protected]", "vulnStatus": "Awaiting Analysis", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-78"}], "source": "[email protected]", "type": "Primary"}]}

{}