CVE-2024-52367

IBM Concert Software 1.0.0, 1.0.1, 1.0.2, 1.0.2.1, and 1.0.3 could disclose sensitive system information to an unauthorized actor that could be used in further attacks against the system.

CVSS v3 5.3 MEDIUM

5.3^/10

CVSS v3 : MEDIUM

Vector :

Exploitability : 3.9 / Impact : 1.4

Attack Vector NETWORK

Attack Complexity LOW

Privileges Required NONE

User Interaction NONE

Confidentiality Impact LOW

Integrity Impact NONE

Availability Impact NONE

Scope UNCHANGED

References

Link	Resource
https://www.ibm.com/support/pages/node/7180303	Vendor Advisory

Configurations

Configuration 1 (hide)

OR	cpe:2.3:a:ibm:concert:1.0.0:::::::*
	cpe:2.3:a:ibm:concert:1.0.1:::::::*
	cpe:2.3:a:ibm:concert:1.0.2:::::::*
	cpe:2.3:a:ibm:concert:1.0.2.1:::::::*
	cpe:2.3:a:ibm:concert:1.0.3:::::::*

History

No history.

Information

Published : 2025-01-07 12:15

Updated : 2025-07-18 13:38

NVD link : CVE-2024-52367

Mitre link : CVE-2024-52367

CVE.ORG link : CVE-2024-52367

JSON object : View

Products Affected

ibm

concert

CWE

CWE-497

Exposure of Sensitive System Information to an Unauthorized Control Sphere

NVD-CWE-noinfo

{"id": "CVE-2024-52367", "cveTags": [], "metrics": {"cvssMetricV31": [{"type": "Secondary", "source": "[email protected]", "cvssData": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 5.3, "attackVector": "NETWORK", "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N", "integrityImpact": "NONE", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "NONE", "privilegesRequired": "NONE", "confidentialityImpact": "LOW"}, "impactScore": 1.4, "exploitabilityScore": 3.9}, {"type": "Primary", "source": "[email protected]", "cvssData": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 7.5, "attackVector": "NETWORK", "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N", "integrityImpact": "NONE", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "NONE", "privilegesRequired": "NONE", "confidentialityImpact": "HIGH"}, "impactScore": 3.6, "exploitabilityScore": 3.9}]}, "published": "2025-01-07T12:15:24.847", "references": [{"url": "https://www.ibm.com/support/pages/node/7180303", "tags": ["Vendor Advisory"], "source": "[email protected]"}], "vulnStatus": "Analyzed", "weaknesses": [{"type": "Primary", "source": "[email protected]", "description": [{"lang": "en", "value": "CWE-497"}]}, {"type": "Secondary", "source": "[email protected]", "description": [{"lang": "en", "value": "NVD-CWE-noinfo"}]}], "descriptions": [{"lang": "en", "value": "IBM Concert Software 1.0.0, 1.0.1, 1.0.2, 1.0.2.1, and 1.0.3 could disclose sensitive system information to an unauthorized actor that could be used in further attacks against the system."}, {"lang": "es", "value": "IBM Concert Software 1.0.0, 1.0.1, 1.0.2, 1.0.2.1 y 1.0.3 podr\u00eda revelar informaci\u00f3n confidencial del sistema a un actor no autorizado que podr\u00eda utilizarse en futuros ataques contra el sistema."}], "lastModified": "2025-07-18T13:38:31.657", "configurations": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:a:ibm:concert:1.0.0:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "557B94A2-6EC2-4F29-95AE-306B55C7C11D"}, {"criteria": "cpe:2.3:a:ibm:concert:1.0.1:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "DB02F586-96A0-4FAC-91CD-2B48EF222945"}, {"criteria": "cpe:2.3:a:ibm:concert:1.0.2:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "35C3FEC7-5494-4120-B80F-87E19F9874F4"}, {"criteria": "cpe:2.3:a:ibm:concert:1.0.2.1:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "4BFF310F-2638-44A4-927B-9E799D9AC172"}, {"criteria": "cpe:2.3:a:ibm:concert:1.0.3:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "41C89595-90AB-41CD-AA0A-895E264CD474"}], "operator": "OR"}]}], "sourceIdentifier": "[email protected]"}