{"dataType": "CVE_RECORD", "dataVersion": "5.2", "cveMetadata": {"cveId": "CVE-2024-43181", "assignerOrgId": "9a959283-ebb5-44b6-b705-dcc2bbced522", "state": "PUBLISHED", "assignerShortName": "ibm", "dateReserved": "2024-08-07T13:29:34.028Z", "datePublished": "2026-02-04T21:18:38.919Z", "dateUpdated": "2026-02-04T21:18:38.919Z"}, "containers": {"cna": {"affected": [{"cpes": ["cpe:2.3:a:ibm:concert:1.0.0:*:*:*:*:*:*:*", "cpe:2.3:a:ibm:concert:2.1.0:*:*:*:*:*:*:*"], "product": "Concert", "vendor": "IBM", "versions": [{"lessThanOrEqual": "2.1.0", "status": "affected", "version": "1.0.0", "versionType": "semver"}]}], "descriptions": [{"lang": "en", "supportingMedia": [{"base64": false, "type": "text/html", "value": "<p>IBM Concert 1.0.0 through 2.1.0 does not invalidate session after logout which could allow an authenticated user to impersonate another user on the system.</p>"}], "value": "IBM Concert 1.0.0 through 2.1.0 does not invalidate session after logout which could allow an authenticated user to impersonate another user on the system."}], "metrics": [{"cvssV3_1": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "LOW", "baseScore": 6.3, "baseSeverity": "MEDIUM", "confidentialityImpact": "LOW", "integrityImpact": "LOW", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L", "version": "3.1"}, "format": "CVSS", "scenarios": [{"lang": "en", "value": "GENERAL"}]}], "problemTypes": [{"descriptions": [{"cweId": "CWE-613", "description": "CWE-613 Insufficient Session Expiration", "lang": "en", "type": "CWE"}]}], "providerMetadata": {"orgId": "9a959283-ebb5-44b6-b705-dcc2bbced522", "shortName": "ibm", "dateUpdated": "2026-02-04T21:18:38.919Z"}, "references": [{"tags": ["vendor-advisory", "patch"], "url": "https://www.ibm.com/support/pages/node/7257006"}], "solutions": [{"lang": "en", "supportingMedia": [{"base64": false, "type": "text/html", "value": "<span style=\"background-color: rgb(255, 255, 255);\">The recommended solution to address this vulnerability is to upgrade IBM Db2 Big SQL to version 8.2 or later available on IBM Cloud Pak for Data 5.2 or later by following the instructions for </span><a target=\"_blank\" rel=\"nofollow\" href=\"https://www.ibm.com/docs/en/cloud-paks/cp-data/5.2.x?topic=upgrading\">Upgrading Cloud Pak for Data</a><span style=\"background-color: rgb(255, 255, 255);\">&nbsp;and </span><a target=\"_blank\" rel=\"nofollow\" href=\"https://www.ibm.com/docs/en/cloud-paks/cp-data/5.2.x?topic=sql-upgrading\">Upgrading the Db2 Big SQL</a><span style=\"background-color: rgb(255, 255, 255);\">&nbsp;service.</span><br>"}], "value": "The recommended solution to address this vulnerability is to upgrade IBM Db2 Big SQL to version 8.2 or later available on IBM Cloud Pak for Data 5.2 or later by following the instructions for Upgrading Cloud Pak for Data https://www.ibm.com/docs/en/cloud-paks/cp-data/5.2.x \u00a0and Upgrading the Db2 Big SQL https://www.ibm.com/docs/en/cloud-paks/cp-data/5.2.x \u00a0service."}], "title": "Multiple Vulnerabilities in IBM Concert Software", "x_generator": {"engine": "ibm-cvegen"}}}}

{}

{"cveTags": [], "descriptions": [{"lang": "en", "value": "IBM Concert 1.0.0 through 2.1.0 does not invalidate session after logout which could allow an authenticated user to impersonate another user on the system."}], "id": "CVE-2024-43181", "lastModified": "2026-02-04T22:15:56.663", "metrics": {"cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "LOW", "baseScore": 6.3, "baseSeverity": "MEDIUM", "confidentialityImpact": "LOW", "integrityImpact": "LOW", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L", "version": "3.1"}, "exploitabilityScore": 2.8, "impactScore": 3.4, "source": "psirt@us.ibm.com", "type": "Primary"}]}, "published": "2026-02-04T22:15:56.663", "references": [{"source": "psirt@us.ibm.com", "url": "https://www.ibm.com/support/pages/node/7257006"}], "sourceIdentifier": "psirt@us.ibm.com", "vulnStatus": "Received", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-613"}], "source": "psirt@us.ibm.com", "type": "Primary"}]}

{}

{}