CVE-2025-64648

CWE-319Cleartext Transmission3 documents3 sources
Severity
5.9MEDIUM
EPSS
0.0%
top 97.53%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
1
IBM Concert
Timeline
PublishedMar 25

Description

IBM Concert 1.0.0 through 2.2.0 transmits data in clear text that could allow an attacker to obtain sensitive information using man in the middle techniques.

CVSS vector

CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:NExploitability: 2.2 | Impact: 3.6

Affected Packages2 packages

CVEListV5ibm/concert1.0.02.2.0
NVDibm/concert1.0.02.2.0

🔴Vulnerability Details

2
CVEList
Multiple Vulnerabilities in IBM Concert Software2026-03-25
GHSA
GHSA-2q55-36vw-45v7: IBM Concert 12026-03-25
CVE-2025-64648 (MEDIUM CVSS 5.9) | IBM Concert 1.0.0 through 2.2.0 tra | cvebase.io