IBM DataStage on Cloud Pak for Data Exposes User Information

Monitor vulnerabilities like this one. Sign up free to get alerted when software you use is affected.

6.5

IBM DataStage on Cloud Pak for Data Exposes User Information

CVE-2025-13691

Summary

IBM DataStage on Cloud Pak for Data allows an attacker to obtain sensitive user information, potentially allowing them to pretend to be another user. This issue affects versions 5.1.2 to 5.3.0. Update to a fixed version to prevent unauthorized access.

What to do

No fix is available yet. Check with your software vendor for updates.

Affected software

Vendor	Product	Affected versions	Fix available
ibm	datastage_on_cloud_pak_for_data	> 5.1.2 , <= 5.3.1	–

Original title

IBM DataStage on Cloud Pak for Data 5.1.2 through 5.3.0 returns sensitive information in an HTTP response that could be used to impersonate other users in the system.

Original description

IBM DataStage on Cloud Pak for Data 5.1.2 through 5.3.0 returns sensitive information in an HTTP response that could be used to impersonate other users in the system.

nvd CVSS3.1 6.5

Vulnerability type

CWE-497

https://www.ibm.com/support/pages/node/7259956 Vendor Advisory

Published: 17 Feb 2026 · Updated: 11 Mar 2026 · First seen: 6 Mar 2026