Skip to main content

Ibm Watson Speech Services Cartridge

1 CVEs product

Monthly

CVE-2026-7253 HIGH This Week

Server-Side Request Forgery in IBM Watson Speech Services Cartridge (versions 4.0.0 through 5.3.1) lets an authenticated attacker coerce the system into issuing crafted requests to internal or external hosts, enabling internal network enumeration and pivoting toward follow-on attacks. The weakness lives in the embedded IBM Sterling File Gateway component used by the speech runtimes (GHSA-rr7j-v2q5-chgv). No public exploit identified at time of analysis; EPSS is low (0.18%, 8th percentile) and CISA SSVC marks exploitation as none, so this is a patch-priority issue rather than an emergency.

IBM SSRF Ibm Watson Speech Services Cartridge
NVD VulDB
CVSS 3.1
8.8
EPSS
0.2%
EPSS 0% CVSS 8.8
HIGH This Week

Server-Side Request Forgery in IBM Watson Speech Services Cartridge (versions 4.0.0 through 5.3.1) lets an authenticated attacker coerce the system into issuing crafted requests to internal or external hosts, enabling internal network enumeration and pivoting toward follow-on attacks. The weakness lives in the embedded IBM Sterling File Gateway component used by the speech runtimes (GHSA-rr7j-v2q5-chgv). No public exploit identified at time of analysis; EPSS is low (0.18%, 8th percentile) and CISA SSVC marks exploitation as none, so this is a patch-priority issue rather than an emergency.

IBM SSRF Ibm Watson Speech Services Cartridge
NVD VulDB

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy