Concert Software@* Security Vulnerabilities and Issues — Concert Software@* CVE List

Lucene search

IbmConcert Software*

4 matches found

CVE•added 2025/05/02 1:15 a.m.•45 views

CVE-2024-55913

IBM Concert Software 1.0.0 through 1.0.5 could allow a remote attacker to traverse directories on the system. An attacker could send a specially crafted URL request containing "dot dot" sequences (/../) to view arbitrary files on the system.

5.3CVSS5.3AI score0.0007EPSS

CVE•added 2025/05/02 1:15 a.m.•44 views

CVE-2024-55909

IBM Concert Software 1.0.0 through 1.0.5 could allow an authenticated user to cause a denial of service due to the expansion of archive files without controlling resource consumption.

6.5CVSS6.3AI score0.00062EPSS

CVE•added 2025/05/02 1:15 a.m.•44 views

CVE-2024-55912

IBM Concert Software 1.0.0 through 1.0.5 uses weaker than expected cryptographic algorithms that could allow an attacker to decrypt highly sensitive information.

5.9CVSS5.6AI score0.00018EPSS

CVE•added 2025/05/02 1:15 a.m.•41 views

CVE-2024-55910

IBM Concert Software 1.0.0 through 1.0.5 is vulnerable to server-side request forgery (SSRF). This may allow an authenticated attacker to send unauthorized requests from the system, potentially leading to network enumeration or facilitating other attacks.

6.5CVSS6.6AI score0.00038EPSS