IBM Concert 1.0.0 and 1.0.1 vulnerable to attacks that rely on the use of cookies without the SameSite attribute.
History

Fri, 25 Oct 2024 16:00:00 +0000

Type Values Removed Values Added
Weaknesses NVD-CWE-Other

Tue, 22 Oct 2024 16:15:00 +0000

Type Values Removed Values Added
Metrics ssvc

{'options': {'Automatable': 'no', 'Exploitation': 'none', 'Technical Impact': 'partial'}, 'version': '2.0.3'}


Tue, 22 Oct 2024 15:00:00 +0000

Type Values Removed Values Added
Description IBM Concert 1.0.0 and 1.0.1 vulnerable to attacks that rely on the use of cookies without the SameSite attribute.
Title IBM Concert information disclosure
First Time appeared Ibm
Ibm concert
Weaknesses CWE-1275
CPEs cpe:2.3:a:ibm:concert:1.0.0:*:*:*:*:*:*:*
cpe:2.3:a:ibm:concert:1.0.1:*:*:*:*:*:*:*
Vendors & Products Ibm
Ibm concert
References
Metrics cvssV3_1

{'score': 3.7, 'vector': 'CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N'}


cve-icon MITRE

Status: PUBLISHED

Assigner: ibm

Published: 2024-10-22T14:48:21.218Z

Updated: 2024-10-22T15:14:41.197Z

Reserved: 2024-08-07T13:29:17.952Z

Link: CVE-2024-43173

cve-icon Vulnrichment

Updated: 2024-10-22T15:14:35.647Z

cve-icon NVD

Status : Analyzed

Published: 2024-10-22T15:15:06.800

Modified: 2024-10-25T15:40:19.977

Link: CVE-2024-43173

cve-icon Redhat

No data.