PT-2025-18734 · Ibm · Ibm Concert

CVE-2024-55913

·

Published

2025-05-02

·

Updated

2025-05-02

CVSS v3.1

5.3

Medium

VectorAV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
Name of the Vulnerable Software and Affected Versions IBM Concert Software versions 1.0.0 through 1.0.5
Description The issue allows a remote attacker to traverse directories on the system. An attacker could send a specially crafted URL request containing "dot dot" sequences (/../) to view arbitrary files on the system.
Recommendations For IBM Concert Software versions 1.0.0 through 1.0.5, consider restricting access to sensitive files and directories to minimize the risk of exploitation. As a temporary workaround, avoid using URL requests that contain "dot dot" sequences (/../) until a patch is available.

Fix

Path traversal

Found an issue in the description? Have something to add? Feel free to write us 👾

Weakness Enumeration

Related Identifiers

CVE-2024-55913

Affected Products

Ibm Concert