CVE-2024-52367

IBM Concert Software 1.0.0, 1.0.1, 1.0.2, 1.0.2.1, and 1.0.3 could disclose sensitive system information to an unauthorized actor that could be used in further attacks against the system.

CVSS v3 5.3 MEDIUM

5.3^/10

CVSS v3 : MEDIUM

Vector :

Exploitability : 3.9 / Impact : 1.4

Attack Vector NETWORK

Attack Complexity LOW

Privileges Required NONE

User Interaction NONE

Confidentiality Impact LOW

Integrity Impact NONE

Availability Impact NONE

Scope UNCHANGED

References

Link	Resource
https://www.ibm.com/support/pages/node/7180303	Vendor Advisory

Configurations

Configuration 1 (hide)

OR	cpe:2.3:a:ibm:concert:1.0.0:::::::*
	cpe:2.3:a:ibm:concert:1.0.1:::::::*
	cpe:2.3:a:ibm:concert:1.0.2:::::::*
	cpe:2.3:a:ibm:concert:1.0.2.1:::::::*
	cpe:2.3:a:ibm:concert:1.0.3:::::::*

History

18 Jul 2025, 13:38

Type	Values Removed	Values Added
First Time		Ibm concert Ibm
CPE		cpe:2.3:a:ibm:concert:1.0.2.1:::::::* cpe:2.3:a:ibm:concert:1.0.1:::::::* cpe:2.3:a:ibm:concert:1.0.2:::::::* cpe:2.3:a:ibm:concert:1.0.3:::::::* cpe:2.3:a:ibm:concert:1.0.0:::::::*
CWE		NVD-CWE-noinfo
Summary		(es) IBM Concert Software 1.0.0, 1.0.1, 1.0.2, 1.0.2.1 y 1.0.3 podría revelar información confidencial del sistema a un actor no autorizado que podría utilizarse en futuros ataques contra el sistema.
References	~~() https://www.ibm.com/support/pages/node/7180303 -~~	() https://www.ibm.com/support/pages/node/7180303 - Vendor Advisory

07 Jan 2025, 12:15

Type	Values Removed	Values Added
New CVE

Information

Published : 2025-01-07 12:15

Updated : 2025-07-18 13:38

NVD link : CVE-2024-52367

Mitre link : CVE-2024-52367

CVE.ORG link : CVE-2024-52367

JSON object : View

Products Affected

ibm

concert

CWE

CWE-497

Exposure of Sensitive System Information to an Unauthorized Control Sphere

NVD-CWE-noinfo

{"id": "CVE-2024-52367", "cveTags": [], "metrics": {"cvssMetricV31": [{"type": "Secondary", "source": "psirt@us.ibm.com", "cvssData": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 5.3, "attackVector": "NETWORK", "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N", "integrityImpact": "NONE", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "NONE", "privilegesRequired": "NONE", "confidentialityImpact": "LOW"}, "impactScore": 1.4, "exploitabilityScore": 3.9}, {"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 7.5, "attackVector": "NETWORK", "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N", "integrityImpact": "NONE", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "NONE", "privilegesRequired": "NONE", "confidentialityImpact": "HIGH"}, "impactScore": 3.6, "exploitabilityScore": 3.9}]}, "published": "2025-01-07T12:15:24.847", "references": [{"url": "https://www.ibm.com/support/pages/node/7180303", "tags": ["Vendor Advisory"], "source": "psirt@us.ibm.com"}], "vulnStatus": "Analyzed", "weaknesses": [{"type": "Primary", "source": "psirt@us.ibm.com", "description": [{"lang": "en", "value": "CWE-497"}]}, {"type": "Secondary", "source": "nvd@nist.gov", "description": [{"lang": "en", "value": "NVD-CWE-noinfo"}]}], "descriptions": [{"lang": "en", "value": "IBM Concert Software 1.0.0, 1.0.1, 1.0.2, 1.0.2.1, and 1.0.3 could disclose sensitive system information to an unauthorized actor that could be used in further attacks against the system."}, {"lang": "es", "value": "IBM Concert Software 1.0.0, 1.0.1, 1.0.2, 1.0.2.1 y 1.0.3 podr\u00eda revelar informaci\u00f3n confidencial del sistema a un actor no autorizado que podr\u00eda utilizarse en futuros ataques contra el sistema."}], "lastModified": "2025-07-18T13:38:31.657", "configurations": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:a:ibm:concert:1.0.0:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "557B94A2-6EC2-4F29-95AE-306B55C7C11D"}, {"criteria": "cpe:2.3:a:ibm:concert:1.0.1:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "DB02F586-96A0-4FAC-91CD-2B48EF222945"}, {"criteria": "cpe:2.3:a:ibm:concert:1.0.2:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "35C3FEC7-5494-4120-B80F-87E19F9874F4"}, {"criteria": "cpe:2.3:a:ibm:concert:1.0.2.1:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "4BFF310F-2638-44A4-927B-9E799D9AC172"}, {"criteria": "cpe:2.3:a:ibm:concert:1.0.3:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "41C89595-90AB-41CD-AA0A-895E264CD474"}], "operator": "OR"}]}], "sourceIdentifier": "psirt@us.ibm.com"}