Skip to main content

Ibm Watson Speech Services Cartridge EUVDEUVD-2026-38266

| CVE-2026-7253 HIGH
Server-Side Request Forgery (SSRF) (CWE-918)
2026-06-22 ibm GHSA-4pm6-4pwh-f3gg
8.8
CVSS 3.1 · NVD
Share

Severity by source

Vendor (ibm) PRIMARY
MEDIUM
qualitative
NVD
8.8 HIGH
AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
vuln.today AI
7.1 HIGH

Network-reachable SSRF needing a low-privilege account (PR:L); strong read/enumeration exposure (C:H) but only partial integrity impact and no inherent availability loss given the described enumeration/pivot outcome.

3.1 AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:L/A:N
4.0 AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:L/VA:N/SC:N/SI:N/SA:N

Primary rating from Vendor (ibm).

CVSS VectorNVD

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Attack Vector
Network
Attack Complexity
Low
Privileges Required
Low
User Interaction
None
Scope
Unchanged
Confidentiality
High
Integrity
High
Availability
High

Lifecycle Timeline

6
Analysis Updated
Jun 30, 2026 - 14:58 vuln.today
v3 (cvss_changed)
Analysis Updated
Jun 30, 2026 - 14:58 vuln.today
v2 (cvss_changed)
Re-analysis Queued
Jun 30, 2026 - 14:52 vuln.today
cvss_changed
Severity Changed
Jun 30, 2026 - 14:52 NVD
MEDIUM HIGH
CVSS changed
Jun 30, 2026 - 14:52 NVD
5.3 (MEDIUM) 8.8 (HIGH)
Analysis Generated
Jun 22, 2026 - 16:09 vuln.today

DescriptionNVD

IBM Watson Speech Services Cartridge is vulnerable to Server-Side Request Forgery (SSRF) in Sterling File Gateway, due to a flaw which may allow an authenticated attacker to send unauthorized requests from the system, potentially leading to network enumeration or facilitating other attacks [GHSA-rr7j-v2q5-chgv] [CVE-2026-7253]. IBM Sterling File Gateway is used in our speech runtimes. This vulnerabilitiy has been addressed. Please read the details for remediation below.

AnalysisAI

Server-Side Request Forgery in IBM Watson Speech Services Cartridge (versions 4.0.0 through 5.3.1) lets an authenticated attacker coerce the system into issuing crafted requests to internal or external hosts, enabling internal network enumeration and pivoting toward follow-on attacks. The weakness lives in the embedded IBM Sterling File Gateway component used by the speech runtimes (GHSA-rr7j-v2q5-chgv). …

Unlock full vulnerability intelligence

  • Risk assessment & exploitation conditions
  • Attack chain visualization
  • Remediation with exact patch versions
  • Threat intelligence from 22 sources
  • Personal watchlist & email alerts

Free forever · No credit card required

Recommended ActionAI

24 hours: Conduct complete inventory of Watson Speech Services Cartridge deployments; identify affected versions (4.0.0-5.3.1) and document all user accounts and service accounts with access. …

Sign in for detailed remediation steps and compensating controls.

Threat intelligence, references, and detailed analysis are available after sign-in.

Share

EUVD-2026-38266 vulnerability details – vuln.today

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy