Information Disclosure in IBM DataStage on Cloud Pak for Data
CVE-2025-13691

8.1HIGH

Key Information:

Vendor: IBM
Status: Datastage On Cloud Pak For Data
Vendor: CVE Published:; 17 February 2026

What is CVE-2025-13691?

IBM DataStage on Cloud Pak for Data versions 5.1.2 to 5.3.0 contains a vulnerability where sensitive information is exposed in HTTP responses. This information could potentially be leveraged by attackers to impersonate legitimate users within the system, compromising user identity and system security. It is crucial for organizations utilizing these versions to apply necessary updates to mitigate this vulnerability.

Affected Version(s)

DataStage on Cloud Pak for Data 5.1.2 <= 5.3.0

References

https://www.ibm.com/support/pages/node/7259956

vendor-advisorypatch

CVSS V3.1

Score:

8.1

Severity:

HIGH

Confidentiality:

High

Integrity:

High

Availability:

High

Attack Vector:

Network

Attack Complexity:

Low

Privileges Required:

Low

User Interaction:

None

Scope:

Unchanged

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Feb 17, 2026
Vulnerability Reserved
Nov 25, 2025

CVE-2025-13691 Data

JSON