IBM Concert Software 1.0.0 and 1.0.1 could allow a remote attacker to obtain sensitive information, caused by the failure to properly enable HTTP Strict Transport Security. An attacker could exploit this vulnerability to obtain sensitive information using man in the middle techniques.
Metrics
Affected Vendors & Products
Fixes
Solution
No solution given by the vendor.
Workaround
No workaround given by the vendor.
References
Link | Providers |
---|---|
https://www.ibm.com/support/pages/node/7173596 |
![]() ![]() |
History
Mon, 29 Sep 2025 15:30:00 +0000
Type | Values Removed | Values Added |
---|---|---|
Weaknesses | CWE-319 |
Wed, 05 Feb 2025 19:15:00 +0000
Type | Values Removed | Values Added |
---|---|---|
Metrics |
ssvc
|
Fri, 24 Jan 2025 15:30:00 +0000
Type | Values Removed | Values Added |
---|---|---|
Description | IBM Concert Software 1.0.0 and 1.0.1 could allow a remote attacker to obtain sensitive information, caused by the failure to properly enable HTTP Strict Transport Security. An attacker could exploit this vulnerability to obtain sensitive information using man in the middle techniques. | |
Title | IBM Concert Software information disclosure | |
First Time appeared |
Ibm
Ibm concert |
|
Weaknesses | CWE-311 | |
CPEs | cpe:2.3:a:ibm:concert:1.0.0:*:*:*:*:*:*:* cpe:2.3:a:ibm:concert:1.0.1:*:*:*:*:*:*:* |
|
Vendors & Products |
Ibm
Ibm concert |
|
References |
| |
Metrics |
cvssV3_1
|

Status: PUBLISHED
Assigner: ibm
Published:
Updated: 2025-09-29T15:13:21.541Z
Reserved: 2024-07-22T12:02:37.815Z
Link: CVE-2024-41757

Updated: 2025-02-05T18:24:22.005Z

Status : Modified
Published: 2025-01-24T16:15:36.297
Modified: 2025-09-29T16:15:35.047
Link: CVE-2024-41757

No data.

No data.