CVE-2024-55913
published 2025-05-02CVE-2024-55913: IBM Concert Software 1.0.0 through 1.0.5 could allow a remote attacker to traverse directories on the system. An attacker could send a specially crafted URL…
medium5.3CVSS 3.1
AVNACLPRNUINSUCLINAN
IBM Concert Software 1.0.0 through 1.0.5 could allow a remote attacker to traverse directories on the system. An attacker could send a specially crafted URL request containing "dot dot" sequences (/../) to view arbitrary files on the system.
Affected
2 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| ibm | concert | >= 1.0.0 < 1.1.0 | 1.1.0 |
| ibm | concert_software | 1.0.0 – 1.0.5 | — |