Concert Software Security Vulnerabilities and Issues — Concert Software CVE List

Lucene search

IbmConcert Software

4 matches found

CVE•added 2024/11/19 8:15 p.m.•49 views

CVE-2024-37070

IBM Concert Software 1.0.0, 1.0.1, 1.0.2, and 1.0.2.1 could allow an authenticated user to obtain sensitive information that could aid in further attacks against the system.

6.5CVSS4.2AI score0.00056EPSS

CVE•added 2024/11/15 3:15 p.m.•47 views

CVE-2024-41785

IBM Concert Software 1.0.0 through 1.0.1 is vulnerable to cross-site scripting. This vulnerability allows an unauthenticated attacker to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session.

6.1CVSS6AI score0.00102EPSS

CVE•added 2025/05/02 1:15 a.m.•44 views

CVE-2024-55909

IBM Concert Software 1.0.0 through 1.0.5 could allow an authenticated user to cause a denial of service due to the expansion of archive files without controlling resource consumption.

6.5CVSS6.3AI score0.00062EPSS

CVE•added 2025/05/02 1:15 a.m.•41 views

CVE-2024-55910

IBM Concert Software 1.0.0 through 1.0.5 is vulnerable to server-side request forgery (SSRF). This may allow an authenticated attacker to send unauthorized requests from the system, potentially leading to network enumeration or facilitating other attacks.

6.5CVSS6.6AI score0.00038EPSS