CVE-2024-52359

CWE-2863 documents3 sources
Severity
8.8HIGH
EPSS
0.1%
top 72.36%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
2
IBM Concert SoftwareIBM Concert
Timeline
PublishedNov 19

Description

IBM Concert Software 1.0.0, 1.0.1, 1.0.2, and 1.0.2.1 could allow an authenticated user to perform unauthorized actions that should be reserved to administrator used due to improper access controls.

CVSS vector

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:NExploitability: 2.8 | Impact: 1.4

Affected Packages2 packages

CVEListV5ibm/concert_software1.0.0, 1.0.1, 1.0.2, 1.0.2.1
NVDibm/concert4 versions+3

🔴Vulnerability Details

2
CVEList
IBM Concert Software improper access controls2024-11-19
GHSA
GHSA-9474-6fxf-wjj8: IBM Concert Software 12024-11-19
CVE-2024-52359 (HIGH CVSS 8.8) | IBM Concert Software 1.0.0 | cvebase.io