Server-Side Request Forgery Vulnerability in IBM Sterling File Gateway
CVE-2026-7253

5.3MEDIUM

Key Information:

Vendor: IBM
Status: IBM Watson Speech Services Cartridge
Vendor: CVE Published:; 22 June 2026

What is CVE-2026-7253?

IBM Sterling File Gateway, part of IBM Watson Speech Services, contains a Server-Side Request Forgery (SSRF) vulnerability. This flaw allows an authenticated attacker to potentially send unauthorized requests from the system, which could lead to network enumeration and the facilitation of further attacks. Prompt remediation is essential to secure affected systems and mitigate potential threats.

Affected Version(s)

IBM Watson Speech Services Cartridge 4.0.0 <= 5.3.1

References

https://www.ibm.com/support/pages/node/7276994

CVSS V3.1

Score:

5.3

Severity:

MEDIUM

Confidentiality:

High

Integrity:

None

Availability:

High

Attack Vector:

Network

Attack Complexity:

High

Privileges Required:

Low

User Interaction:

None

Scope:

Unchanged

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Jun 22, 2026
Vulnerability Reserved
Apr 27, 2026

CVE-2026-7253 Data

JSON