CVE-2024-43181 IBM — Exploit & Vulnerability Details MEDIUM

CVE-2024-43181

MEDIUM CVSS 3.1: 6.3 EPSS 0.04%

Parameter	Value
CVSS	6.3 (MEDIUM)
Affected Versions	1.0.0 — 2.2.0
Fixed In	2.2.0
Type	CWE-613
Vendor	IBM
Public PoC	No

IBM Concert 1.0.0 through 2.1.0 does not invalidate session after logout which could allow an authenticated user to impersonate another user on the system.

Attack Parameters

Attack Vector

Network

Атака возможна удалённо

Attack Complexity

Low

Легко эксплуатировать

Privileges Required

Low

Нужны базовые права

User Interaction

None

Не нужно действие пользователя

Impact Assessment

Confidentiality

Low

Частичная утечка данных

Integrity

Low

Частичная модификация данных

Availability

Low

Частичное нарушение работы

CVSS Vector v3.1

Weakness Type (CWE)

CWE-613

Vulnerable Products 1

ibm:concert

Known Affected Software Configurations 1

Configuration	From (including)	Up to (excluding)
Ibm Concert cpe:2.3:a:ibm:concert::::::::	`1.0.0`	`2.2.0`

References 1

https://www.ibm.com/support/pages/node/7257006

psirt@us.ibm.com

Share Post Share Share Share

Related Vulnerabilities

CVE-2025-13688

IBM

8.8

CVE-2025-13687

IBM

8.8

CVE-2025-13686

IBM

8.8

CVE-2026-1265

IBM

5.3

CVE-2025-36364

IBM

3.3

Menu