9.1 High
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
NONE
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:H
6.4 Medium
CVSS2
Access Vector
NETWORK
Access Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
NONE
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:P/I:N/A:P
0.011 Low
EPSS
Percentile
84.5%
A Redhat glibc Vulnerability affecting Watson Speech Services has been fixed in the latest version of IBM Watson Speech Services Cartridge for IBM Cloud Pak for Data 4.0.3
CVEID:CVE-2021-35942
**DESCRIPTION:**GNU C Library (aka glibc) could allow a local attacker to obtain sensitive information, caused by a flaw when called with an untrusted, crafted pattern in thewordexp function. By sending a specially-crafted request, an attacker could exploit this vulnerability to obtain read arbitrary memory in parse_param (in posix/wordexp.c), or cause the application to crash.
CVSS Base score: 7.7
CVSS Temporal Score: See: https://exchange.xforce.ibmcloud.com/vulnerabilities/206317 for the current score.
CVSS Vector: (CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:H)
Affected Product(s) | Version(s) |
---|---|
IBM Watson Speech Services Cartridge for IBM Cloud Pak for Data | 4.0.3 |
Download and install the newest deployment of IBM Watson Speech Services Cartridge for IBM Cloud Pak for Data to your ICP cluster. This deployment contains an upgrade containing the fix for this issue.
None
CPE | Name | Operator | Version |
---|---|---|---|
ibm speech to text for ibm cloud | eq | 1.0.0 | |
ibm speech to text for ibm cloud | eq | 4.0.3 |
9.1 High
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
NONE
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:H
6.4 Medium
CVSS2
Access Vector
NETWORK
Access Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
NONE
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:P/I:N/A:P
0.011 Low
EPSS
Percentile
84.5%