CVE-2024-43189

Name of the Vulnerable Software and Affected Versions IBM Concert Software versions 1.0.0 through 1.0.1

Description The issue is caused by the failure to properly enable HTTP Strict Transport Security, allowing a remote attacker to obtain sensitive information using man-in-the-middle techniques. This could potentially lead to data compromise.

Recommendations For versions 1.0.0 through 1.0.1, upgrade the affected component immediately to resolve the issue. As a temporary workaround, consider restricting access to sensitive information until the upgrade is applied.