Unexpected States and Crashes in IBM Watson Speech Services Cartridge

CVE-2024-49353

7.5HIGH

Key Information

Vendor: IBM
Status: Watson Speech Services Cartridge For IBM Cloud Pak For Data
Vendor: CVE Published:; 26 November 2024

Summary

IBM Watson Speech Services Cartridge for IBM Cloud Pak for Data 4.0.0 through 5.0.2 does not properly check inputs to resources that are used concurrently, which might lead to unexpected states, possibly resulting in a crash.

Affected Version(s)

Watson Speech Services Cartridge for IBM Cloud Pak for Data <= 5.0.2

CVSS V3.1

Score:

7.5

Severity:

HIGH

Confidentiality:

None

Integrity:

None

Availability:

High

Attack Vector:

Network

Attack Complexity:

Low

Privileges Required:

None

User Interaction:

None

Scope:

Unchanged

Timeline

Vulnerability published.
Nov 26, 2024
Vulnerability Reserved.
Oct 14, 2024

Collectors

NVD DatabaseMitre Database