Vulnerabilities > CVE-2024-52360 - Unspecified vulnerability in IBM Concert Software

CVSS 9.8 - CRITICAL

Attack vector

NETWORK

Attack complexity

LOW

Privileges required

NONE

Confidentiality impact

HIGH

Integrity impact

HIGH

Availability impact

HIGH

network

low complexity

ibm

critical

NVD

Published: 2024-11-19

Updated: 2025-03-04

Summary

IBM Concert Software 1.0.0, 1.0.1, 1.0.2, and 1.0.2.1 is vulnerable to SQL injection. A remote attacker could send specially crafted SQL statements, which could allow the attacker to view, add, modify, or delete information in the back-end database.

Vulnerable Configurations

Part	Description	Count
Application	Ibm IBM Concert Software 1.0.0 IBM Concert Software 1.0.1 IBM Concert Software 1.0.2 IBM Concert Software 1.0.2.1	4

References

https://www.ibm.com/support/pages/node/7176346