CVE Daily

CVE-2024-49354

IBM Concert 1.0.0, 1.0.1, and 1.0.2 is vulnerable to sensitive information discl...

Medium CVSS 5.3

Overview

IBM Concert 1.0.0, 1.0.1, and 1.0.2 is vulnerable to sensitive information disclosure through specially crafted API Calls.

CWE: CWE-213 Published: 2025-01-18T16:15:39.040
Risk analysis

This vulnerability is rated 🟡 MEDIUM.

  • CVSS: 5.3 (MEDIUM)
  • Detected tags: info_leak (tag impact: LOW)

Recommended actions:

  • Reduce verbose errors, remove debug endpoints, minimize PII in logs.

Recommended tools

Tags