CVE-2024-49353 HIGH

CVE-2024-49353: IBM Watson Speech Services Cartridge for IBM Cloud Pak for Data denial of service

Vendor Ibm
Product Watson Speech Services Cartridge for IBM Cloud Pak for Data
Weakness CWE-362
Published November 26, 2024
Last update November 26, 2024

CVSS base score

7.5/10
Attack vector Network
Attack complexity Low
Privileges required None
User interaction None
Confidentiality None
Integrity None

CVSS vector

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

What the vulnerability does

01Description

IBM Watson Speech Services Cartridge for IBM Cloud Pak for Data 4.0.0 through 5.0.2 does not properly check inputs to resources that are used concurrently, which might lead to unexpected states, possibly resulting in a crash.

Key dates

02Disclosure timeline

November 26, 2024 CVE published
November 26, 2024 Record updated