In a critical disclosure dated August 29, 2025, IBM has confirmed that certain versions of the watsonx Orchestrate Cartridge for Cloud Pak for Data are vulnerable to a Blind SQL Injection flaw (CVE-2025-0165) that could allow authenticated attackers to manipulate back-end database records.
Vulnerability Overview
The vulnerability resides in the input sanitization routines of IBM Watsonx Orchestrate Cartridge versions 4.8.4 through 4.8.5 and 5.0.0 through 5.2.
A remote attacker with low privileges (PR:L) can inject specially crafted SQL statements via application parameters that are concatenated directly into queries without proper neutralization (CWE-89).
The flaw is classified as Blind SQL Injection because the injection point returns neither error messages nor result sets directly; instead, attackers infer data one piece at a time, either from response timing (time-based) or from whether the application behaves differently for true and false conditions (boolean-based).
A proof-of-concept exploit illustrates the issue:
```sql
-- Inject payload into a vulnerable parameter 'taskId'
SELECT * FROM orchestrate_tasks
WHERE task_id = '1' AND (SELECT CASE WHEN (SUBSTR(database(),1,1)='c') THEN pg_sleep(5) ELSE pg_sleep(0) END);
```
Here, the attacker uses PostgreSQL’s pg_sleep() function to measure delays and extract one character of the database name per request, demonstrating the time-based Blind SQL Injection technique.
Impact and Severity
IBM rates this vulnerability with a CVSS 3.1 Base Score of 7.6 (AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:L/A:L), indicating high confidentiality impact with limited integrity and availability consequences.
Exploitation could permit unauthorized disclosure of sensitive data—such as credentials, configuration details, or personally identifiable information (C = High)—and limited manipulation of non-critical records (I = Low; A = Low).
Enterprises deploying the affected cartridge risk systemic compromise of database contents if authentication barriers are weakened.
The Blind SQL Injection nature makes detection more challenging, as normal application flow continues without obvious errors.
Security teams should treat this as a priority finding in their vulnerability management programs and monitor application logs for anomalous latency spikes or unusual payload patterns, such as conditional pg_sleep() or IF(…) constructs.
Remediation Guidelines
IBM strongly recommends an immediate upgrade to watsonx Orchestrate Cartridge 5.2.0.1, which includes input parameterization and prepared-statement enforcement to fully mitigate SQL injection risks.
No workarounds or temporary mitigations are provided beyond upgrading.
Organizations unable to patch immediately should enforce web application firewall (WAF) rules to block common SQL injection payloads (e.g., UNION SELECT, pg_sleep(), ' OR '1'='1') and restrict network access to the IBM Cloud Pak for Data management interface.
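The following added example (not IBM's code) puts the two halves of this advisory side by side: the CWE-89 concatenation pattern described above beside the parameterized query that the fixed release enforces, and a small log check for the conditional-delay and tautology patterns plus the latency spikes that the detection guidance mentions. It assumes an in-memory sqlite3 table standing in for the PostgreSQL back end, a hypothetical `orchestrate_tasks` layout, and constructed access-log lines.

```python
import re
import sqlite3

# Constructed in-memory stand-in for the cartridge's task store: sqlite3 replaces
# the PostgreSQL back end and the table layout is hypothetical.
def make_db():
    conn = sqlite3.connect(":memory:")
    conn.execute("CREATE TABLE orchestrate_tasks (task_id TEXT, owner TEXT)")
    conn.executemany("INSERT INTO orchestrate_tasks VALUES (?, ?)",
                     [("1", "alice"), ("2", "bob"), ("3", "carol")])
    return conn

def lookup_vulnerable(conn, task_id):
    # CWE-89 pattern: the parameter is spliced into the query text, so a quote
    # in task_id ends the literal and whatever follows is parsed as SQL.
    sql = "SELECT task_id, owner FROM orchestrate_tasks WHERE task_id = '%s'" % task_id
    return conn.execute(sql).fetchall()

def lookup_parameterized(conn, task_id):
    # Prepared statement: task_id is sent as a bound value and compared as a
    # whole string, so the same hostile input simply matches no row.
    sql = "SELECT task_id, owner FROM orchestrate_tasks WHERE task_id = ?"
    return conn.execute(sql, (task_id,)).fetchall()

# Detection side: the constructs the advisory names (pg_sleep(), IF(...),
# UNION SELECT, ' OR '1'='1') plus the latency spike a time-based probe causes.
PAYLOAD_RE = re.compile(
    r"pg_sleep\s*\(|\bIF\s*\(|\bUNION\s+SELECT\b|'\s*OR\s*'1'\s*=\s*'1", re.I)
LATENCY_RE = re.compile(r"\s(\d+)ms$")

def flag_requests(log_lines, slow_ms=4000):
    # Returns (line, reason) pairs; query strings are assumed already URL-decoded.
    hits = []
    for line in log_lines:
        if PAYLOAD_RE.search(line):
            hits.append((line, "payload pattern"))
            continue
        m = LATENCY_RE.search(line)
        if m and int(m.group(1)) >= slow_ms:
            hits.append((line, "latency spike"))
    return hits

# Constructed sample access-log lines (the format itself is hypothetical).
SAMPLE_LOG = [
    "GET /tasks?taskId=1 200 12ms",
    "GET /tasks?taskId=1' AND (SELECT CASE WHEN (1=1) THEN pg_sleep(5) "
    "ELSE pg_sleep(0) END)-- 200 5011ms",
    "GET /tasks?taskId=7 200 4890ms",
]
```

Against the sample table, the concatenated lookup returns every row for a tautology input while the parameterized lookup returns none, and `flag_requests(SAMPLE_LOG)` reports one payload hit and one latency spike.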