IBM Concert Software 1.0.0, 1.0.1, 1.0.2, 1.0.2.1, and 1.0.3 could allow a remote attacker to obtain sensitive information, caused by the failure to properly enable HTTP Strict Transport Security. An attacker could exploit this vulnerability to obtain sensitive information using man in the middle techniques.
                
            References
                    | Link | Resource | 
|---|---|
| https://www.ibm.com/support/pages/node/7180303 | Vendor Advisory | 
Configurations
                    Configuration 1 (hide)
| 
 | 
History
                    18 Jul 2025, 13:37
| Type | Values Removed | Values Added | 
|---|---|---|
| CPE | cpe:2.3:a:ibm:concert:1.0.2.1:*:*:*:*:*:*:* cpe:2.3:a:ibm:concert:1.0.1:*:*:*:*:*:*:* cpe:2.3:a:ibm:concert:1.0.2:*:*:*:*:*:*:* cpe:2.3:a:ibm:concert:1.0.3:*:*:*:*:*:*:* cpe:2.3:a:ibm:concert:1.0.0:*:*:*:*:*:*:* | |
| First Time | Ibm concert Ibm | |
| Summary | 
 | |
| References | () https://www.ibm.com/support/pages/node/7180303 - Vendor Advisory | 
07 Jan 2025, 12:15
| Type | Values Removed | Values Added | 
|---|---|---|
| New CVE | 
Information
                Published : 2025-01-07 12:15
Updated : 2025-07-18 13:37
NVD link : CVE-2024-52366
Mitre link : CVE-2024-52366
CVE.ORG link : CVE-2024-52366
JSON object : View
Products Affected
                ibm
- concert
CWE
                
                    
                        
                        CWE-327
                        
            Use of a Broken or Risky Cryptographic Algorithm
