A critical vulnerability in the IBM Watsonx Orchestrate Cartridge for IBM Cloud Pak for Data has been disclosed, enabling blind SQL injection attacks that could compromise sensitive data.
Tracked as CVE-2025-0165, this flaw allows authenticated attackers to inject malicious SQL statements, potentially leading to unauthorized data access, manipulation, or deletion in the back-end database.
IBM’s Watsonx platform offers advanced AI and orchestration capabilities within the Cloud Pak for Data suite.
https://gbhackers.com/ibm-watsonx-vulnerability/