- Description
- IBM Concert 1.0.0, 1.0.1, and 1.0.2 is vulnerable to sensitive information disclosure through specially crafted API Calls.
- Source
- psirt@us.ibm.com
- NVD status
- Received
CVSS 3.1
- Type
- Primary
- Base score
- 5.3
- Impact score
- 1.4
- Exploitability score
- 3.9
- Vector string
- CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
- Severity
- MEDIUM
- psirt@us.ibm.com
- CWE-213
- Hype score
- Not currently trending
CVE-2024-49354 IBM Concert 1.0.0, 1.0.1, and 1.0.2 is vulnerable to sensitive information disclosure through specially crafted API Calls. https://t.co/RG15HFULaa
@CVEnew
18 Jan 2025
85 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
New post from https://t.co/uXvPWJy6tj (CVE-2024-49354 | IBM Concert Software 1.0.0/1.0.1/1.0.2 API Call exposure of sensitive information due to incompatible policies) has been published on https://t.co/l3hGRSpPyn
@WolfgangSesin
18 Jan 2025
36 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes