Main Vulnerability Database SB2024112924

SB2024112924 - Race condition in IBM Watson Speech Services Cartridge for IBM Cloud Pak for Data

Published: November 29, 2024

Security Bulletin ID SB2024112924

Severity

Medium

Patch available

YES

Number of vulnerabilities 1

Exploitation vector Remote access

Highest impact Denial of service

Breakdown by Severity

Low
Medium
High
Critical

Description

This security bulletin contains information about 1 security vulnerability.

1) Race condition (CVE-ID: CVE-2024-49353)

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to IBM Watson Speech Services Cartridge for IBM Cloud Pak for Data does not properly check inputs to resources that are used concurrently. A local user can exploit the race and perform a denial of service (DoS) attack.

Remediation

Install update from vendor's website.

References

https://www.ibm.com/support/pages/node/7177065