PatchSiren cyber security CVE debrief

CVE-2025-36220 IBM CVE debrief

A SQL injection vulnerability exists in IBM Cloud Pak for Data System - Cyclops versions 11.3.0.2 through Interim Fix 002. The vulnerability allows a remote, authenticated attacker to send specially crafted SQL statements that could enable viewing, adding, modifying, or deleting information in the back-end database. The CVSS 3.1 vector indicates network attack vector with low attack complexity, requiring low privileges but no user interaction. The vulnerability is classified as CWE-89 (SQL Injection). IBM has published a security bulletin with remediation guidance.

Vendor: IBM
Product: Cloud Pak for Data System - Cyclops
CVSS: MEDIUM 4.3
CISA KEV: Not listed in stored evidence
Original CVE published: 2026-05-26
Original CVE updated: 2026-05-26
Advisory published: 2026-05-26
Advisory updated: 2026-05-26

Who should care

Organizations running IBM Cloud Pak for Data System - Cyclops 11.3.0.2, database administrators, security operations teams monitoring for SQL injection attempts, and compliance teams tracking vulnerability remediation for enterprise data platforms.

Technical summary

The Cyclops component in IBM Cloud Pak for Data System 11.3.0.2 through Interim Fix 002 does not properly sanitize user-supplied input before that input is used to construct SQL queries. An authenticated attacker with low privileges and network access can inject SQL syntax that alters the back-end database operations the application performs. The vulnerability is rated CVSS 3.1 4.3 (Medium); under the current scoring the impact is limited to integrity, with no confidentiality or availability impact recorded. Exploitation requires authentication but no user interaction.
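The root cause described above, query text built from user input, is CWE-89 in its generic form. The following added example (not code from IBM or from this debrief; the `datasets` table, the `owner` filter and the input values are constructed for illustration) shows the weak pattern beside its parameterized replacement against an in-memory SQLite database, so the difference in behaviour is visible rather than asserted.

```python
import sqlite3


def seed() -> sqlite3.Connection:
    """Constructed sample data: three rows, two owners."""
    conn = sqlite3.connect(":memory:")
    conn.execute("CREATE TABLE datasets (id INTEGER PRIMARY KEY, name TEXT, owner TEXT)")
    conn.executemany(
        "INSERT INTO datasets (name, owner) VALUES (?, ?)",
        [("sales_q1", "alice"), ("hr_records", "bob"), ("telemetry", "alice")],
    )
    return conn


def lookup_concat(conn: sqlite3.Connection, owner: str) -> list[str]:
    """Weak pattern (CWE-89): the caller's value becomes part of the SQL text,
    so quote characters in it change the statement's structure."""
    sql = f"SELECT name FROM datasets WHERE owner = '{owner}'"
    return [row[0] for row in conn.execute(sql)]


def lookup_param(conn: sqlite3.Connection, owner: str) -> list[str]:
    """Hardened form: the statement is fixed and the value is bound as data,
    so the database never parses it as SQL."""
    sql = "SELECT name FROM datasets WHERE owner = ?"
    return [row[0] for row in conn.execute(sql, (owner,))]


def compare() -> dict[str, list[str]]:
    """Run both lookups with a benign value and a value containing a quote
    and an OR clause (constructed), returning the rows each one yields."""
    conn = seed()
    benign = "alice"
    quoted = "x' OR '1'='1"
    return {
        "concat_benign": lookup_concat(conn, benign),
        "concat_quoted": lookup_concat(conn, quoted),   # returns every row
        "param_benign": lookup_param(conn, benign),
        "param_quoted": lookup_param(conn, quoted),     # returns no rows
    }


if __name__ == "__main__":
    for label, rows in compare().items():
        print(f"{label:14s} -> {rows}")
```

The parameterized version is the remediation the CWE-89 classification points at: sanitizing or escaping input is secondary, because the fix is to keep data out of the statement text entirely. The same binding mechanism exists in every mainstream database driver.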

Defensive priority

medium

Recommended defensive actions

  • Apply IBM interim fix for Cyclops 11.3.0.2 or upgrade to a fixed version per IBM security bulletin guidance
  • Review database access logs for anomalous SQL query patterns from authenticated users
  • Implement principle of least privilege for database accounts used by Cyclops components
  • Consider web application firewall (WAF) rules to detect and block common SQL injection patterns
  • Monitor IBM PSIRT for updated remediation guidance as NVD analysis is pending
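The log-review action above is easier to act on with a concrete rule. This added example (not part of the original debrief, and not based on IBM's actual log format) reviews a constructed statement-level audit log in two ways: it checks each statement for syntactic indicators that rarely appear in parameterized application SQL, and it compares the statement's "shape" (literals replaced by placeholders) against a per-account baseline of known shapes, so a statement that looks unlike anything the service account normally issues is reported even when no indicator fires. The account names, baseline and log lines are all constructed.

```python
import re

# Constructed log format for this example:  <timestamp> user=<db account> stmt="<SQL as executed>"
LOG_RE = re.compile(r'^(?P<ts>\S+) user=(?P<user>\S+) stmt="(?P<stmt>.*)"$')

# Syntactic indicators: each is a heuristic, not proof, and should be tuned per application.
INDICATORS = [
    ("tautology",         re.compile(r"\bor\b\s+(\S+?)\s*=\s*\1(?!\S)", re.I)),
    ("stacked-statement", re.compile(r";\s*(select|insert|update|delete|drop|alter)\b", re.I)),
    ("comment-sequence",  re.compile(r"--|/\*")),
    ("union-select",      re.compile(r"\bunion\b(\s+all)?\s+select\b", re.I)),
]

# Constructed baseline: the statement shapes the application account is known to issue.
BASELINE = {"cyclops_app": {"select name from datasets where owner = ?"}}

# Constructed sample log lines.
SAMPLE_LOG = [
    '2026-05-26T17:20:01Z user=cyclops_app stmt="SELECT name FROM datasets WHERE owner = \'alice\'"',
    '2026-05-26T17:20:07Z user=cyclops_app stmt="SELECT name FROM datasets WHERE owner = \'x\' OR \'1\'=\'1\'"',
    '2026-05-26T17:20:09Z user=cyclops_app stmt="SELECT name FROM datasets WHERE owner = \'bob\'; UPDATE datasets SET owner = \'x\'"',
    '2026-05-26T17:20:12Z user=cyclops_app stmt="SELECT id FROM datasets WHERE name = \'telemetry\' -- \'"',
    '2026-05-26T17:20:15Z user=cyclops_app stmt="SELECT name FROM datasets WHERE owner = \'carol\'"',
    '2026-05-26T17:20:20Z user=reporting_svc stmt="SELECT count(*) FROM datasets WHERE id = 1"',
]


def shape(stmt: str) -> str:
    """Normalize a statement: string and numeric literals become '?', whitespace is
    collapsed, case is folded. Two statements with the same shape differ only in data."""
    s = re.sub(r"'(?:[^']|'')*'", "?", stmt)
    s = re.sub(r"\b\d+\b", "?", s)
    return re.sub(r"\s+", " ", s).strip().lower()


def review(lines: list[str], baseline: dict[str, set[str]]) -> list[dict]:
    """Return one finding per statement that matches an indicator or has a shape
    not yet seen for its account. Clean statements extend the account's baseline."""
    seen = {user: set(shapes) for user, shapes in baseline.items()}
    findings = []
    for line in lines:
        m = LOG_RE.match(line)
        if not m:
            continue  # malformed line; a real pipeline would count these separately
        ts, user, stmt = m.group("ts", "user", "stmt")
        reasons = [name for name, rx in INDICATORS if rx.search(stmt)]
        sh = shape(stmt)
        if sh not in seen.setdefault(user, set()):
            reasons.append("unseen-shape")
        if reasons:
            findings.append({"ts": ts, "user": user, "reasons": reasons, "stmt": stmt})
        else:
            seen[user].add(sh)
    return findings


def demo() -> list[dict]:
    """Review the constructed sample log against the constructed baseline."""
    return review(SAMPLE_LOG, BASELINE)


if __name__ == "__main__":
    for f in demo():
        print(f"{f['ts']} {f['user']:14s} {', '.join(f['reasons']):32s} {f['stmt']}")
```

The shape baseline is what makes this useful for a product like Cyclops, where the application connects with a fixed service account: a correctly parameterized application issues a small, stable set of shapes, so a genuinely new shape from that account is worth a look regardless of whether it contains a recognisable indicator. The same shape-per-account view also supports the least-privilege action, since it shows which statement types the account actually needs.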

Evidence notes

CVE published 2026-05-26T17:16:29.143Z; modified 2026-05-26T19:06:14.330Z. IBM PSIRT reference confirms vendor acknowledgment. NVD status: Awaiting Analysis.

Official resources

2026-05-26