CVE-2025-33099: IBM Concert Software 1.0.0 through 1.1.0 could allow a remote attacker to perform unauthorized actions using man in the middle techniques due to improper…

medium5.9CVSS 3.1

AVNACHPRNUINSUCHINAN

IBM Concert Software 1.0.0 through 1.1.0 could allow a remote attacker to perform unauthorized actions using man in the middle techniques due to improper certificate validation.

Affected

14 ranges

Vendor	Product	Version range	Fixed in
ibm	concert	>= 1.0.0 < 2.0.0	2.0.0
ibm	concert_software	1.0.0 – 1.1.0	—
msrc	azl3_ceph_18.2.2-8_on_azure_linux_3.0	—	—
msrc	azl3_memcached_1.6.27-3_on_azure_linux_3.0	—	—
msrc	azl3_nmap_7.94-1_on_azure_linux_3.0	—	—
msrc	azl3_nmap_7.95-1_on_azure_linux_3.0	—	—
msrc	azl3_ntopng_5.2.1-4_on_azure_linux_3.0	—	—
msrc	azl3_ntopng_5.2.1-5_on_azure_linux_3.0	—	—
msrc	azure_linux_3.0_arm	—	—
msrc	azure_linux_3.0_x64	—	—
msrc	cbl2_lua_5.4.3-4_on_cbl_mariner_2.0	—	—
msrc	cbl_mariner_2.0_arm	—	—
msrc	cbl_mariner_2.0_x64	—	—
msrc	cm1_lua_5.3.5-9_on_cbl_mariner_1.0	—	—