CVE-2025-13687

Published Mar 3, 2026

Last updated a day ago

CVSS medium 6.3

Database

Overview

Description: IBM DataStage on Cloud Pak for Data 5.1.2 through 5.3.0 could allow an authenticated user to execute arbitrary commands with normal user privileges on the system due to improper validation of user supplied input through the user-defined function component.
Source: psirt@us.ibm.com
NVD status: Analyzed
Products: datastage_on_cloud_pak_for_data

Risk scores

CVSS 3.1

Type: Primary
Base score: 8.8
Impact score: 5.9
Exploitability score: 2.8
Vector string: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Severity: HIGH

Weaknesses

psirt@us.ibm.com: CWE-78

Hype score: Not currently trending

🚨*CVE* CVE-2025-13687 IBM DataStage on Cloud Pak for Data 5.1.2 through 5.3.0 could allow an authenticated user to execute arbitrary commands with normal user privileges on the system due … https://t.co/yrAWHApabF ----- Traducción: CVE-2025-13687 IBM… https://t.co/utmtNg
@infoflowcloud
3 Mar 2026
113 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes

Configurations

[
  {
    "nodes": [
      {
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:a:ibm:datastage_on_cloud_pak_for_data:*:*:*:*:*:*:*:*",
            "matchCriteriaId": "5DB38701-1394-4552-8D77-D36B06B5D7E4",
            "versionEndExcluding": "5.3.1",
            "versionStartIncluding": "5.1.2",
            "vulnerable": true
          }
        ],
        "negate": false,
        "operator": "OR"
      }
    ]
  }
]

References

Sources include official advisories and independent security research.

Overview

Risk scores

CVSS 3.1

Weaknesses

Social media

Configurations

Related CVEs

References