Home

Description

IBM Concert 1.0.0 and 1.0.1 vulnerable to attacks that rely on the use of cookies without the SameSite attribute.

PUBLISHED Reserved 2024-08-07 | Published 2024-10-22 | Updated 2024-10-22 | Assigner ibm




MEDIUM: 5.9CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N

Problem types

CWE-295 Improper Certificate Validation

Product status

Default status
unaffected

1.0.0, 1.0.1
affected

References

www.ibm.com/support/pages/node/7173596 vendor-advisory

cve.org (CVE-2024-43177)

nvd.nist.gov (CVE-2024-43177)

Download JSON