API Security Blog

Security Bulletin: IBM Concert is vulnerable to sensitive data disclosure (CVE-2024-49354)

Summary

IBM Concert is vulnerable to sensitive information disclosure through specially crafted API Calls.

Vulnerability Details

CVEID: CVE-2024-49354
DESCRIPTION: IBM Concert is vulnerable to sensitive information disclosure through specially crafted API Calls.
CWE: CWE-213: Exposure of Sensitive Information Due to Incompatible Policies
CVSS Source: IBM
CVSS Base score: 5.3
CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N)

Affected Products and Versions

Affected Product(s)| Version(s)
---|---
IBM Concert Software| 1.0.0 – 1.0.1 – 1.0.2

Remediation/Fixes

IBM strongly recommends addressing the vulnerability now.

Product(s)| Version(s)| Remediation/Fix/Instructions
---|---|---
IBM Concert Software| 1.0.2.1| Download and follow installation instructions for IBM Concert Software 1.0.2.1 from IBM Entitled Registry (ICR)

Workarounds and Mitigations…
