CVE-2024-37070

CWE-497CWE-3593 documents3 sources
Severity
6.5MEDIUM
EPSS
0.2%
top 61.29%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
2
IBM ConcertIBM Concert Software
Timeline
PublishedNov 19

Description

IBM Concert Software 1.0.0, 1.0.1, 1.0.2, and 1.0.2.1 could allow an authenticated user to obtain sensitive information that could aid in further attacks against the system.

CVSS vector

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:NExploitability: 2.8 | Impact: 1.4

Affected Packages2 packages

CVEListV5ibm/concert_software1.0.0, 1.0.1, 1.0.2, 1.0.2.1
NVDibm/concert1.0.01.0.2.1

🔴Vulnerability Details

2
GHSA
GHSA-jcp5-52c9-m2w2: IBM Concert Software 12024-11-19
CVEList
IBM Concert Software information disclosure2024-11-19
CVE-2024-37070 (MEDIUM CVSS 6.5) | IBM Concert Software 1.0.0 | cvebase.io