IBM Concert Software 1.0.0 and 1.0.1 could allow a remote attacker to obtain sensitive information, caused by the failure to properly enable HTTP Strict Transport Security. An attacker could exploit this vulnerability to obtain sensitive information using man in the middle techniques.
References
Link | Resource |
---|---|
https://www.ibm.com/support/pages/node/7173596 | Vendor Advisory |
Configurations
Configuration 1 (hide)
|
History
18 Jul 2025, 13:40
Type | Values Removed | Values Added |
---|---|---|
CPE | cpe:2.3:a:ibm:concert:1.0.0:*:*:*:*:*:*:* cpe:2.3:a:ibm:concert:1.0.1:*:*:*:*:*:*:* |
|
References | () https://www.ibm.com/support/pages/node/7173596 - Vendor Advisory | |
First Time |
Ibm concert
Ibm |
|
Summary |
|
24 Jan 2025, 16:15
Type | Values Removed | Values Added |
---|---|---|
New CVE |
Information
Published : 2025-01-24 16:15
Updated : 2025-07-18 13:40
NVD link : CVE-2024-41757
Mitre link : CVE-2024-41757
CVE.ORG link : CVE-2024-41757
JSON object : View
Products Affected
ibm
- concert
CWE
CWE-311
Missing Encryption of Sensitive Data