Unexpected States and Crashes in IBM Watson Speech Services Cartridge
CVE-2024-49353

5.9MEDIUM

Key Information:

Vendor: IBM
Status: Watson Speech Services Cartridge For IBM Cloud Pak For Data
Vendor: CVE Published:; 26 November 2024

What is CVE-2024-49353?

The IBM Watson Speech Services Cartridge, part of the IBM Cloud Pak for Data suite, features an input validation vulnerability due to improper checks on resources that are accessed concurrently. This flaw may lead to unpredictable system states, potentially resulting in service disruptions or crashes. Users of affected versions (4.0.0 to 5.0.2) should take immediate action to evaluate their systems and apply available patches as recommended by IBM to mitigate the risks associated with this vulnerability.

Human OS v1.0:
Ageing Is an Unpatched Zero-Day Vulnerability.

Remediate biological technical debt. Prime Ageing uses 95% high-purity SIRT6 activation to maintain genomic integrity and bolster systemic resilience.

Deploy the Patch

Affected Version(s)

Watson Speech Services Cartridge for IBM Cloud Pak for Data 4.0.0 <= 5.0.2

References

https://www.ibm.com/support/pages/node/7177065

CVSS V3.1

Score:

5.9

Severity:

MEDIUM

Confidentiality:

None

Integrity:

None

Availability:

None

Attack Vector:

Network

Attack Complexity:

High

Privileges Required:

None

User Interaction:

None

Scope:

Unchanged

Timeline

Vulnerability published
Nov 26, 2024
Vulnerability Reserved
Oct 14, 2024

JSON

IBM

What is CVE-2024-49353?

Human OS v1.0: Ageing Is an Unpatched Zero-Day Vulnerability.

Affected Version(s)

References

CVSS V3.1

Timeline

Human OS v1.0:
Ageing Is an Unpatched Zero-Day Vulnerability.