← Back

CVE-2025-33084

nvd nist
Published: Sep 1, 2025Modified: Sep 3, 2025

JSON object

Loading...
5.9
Vector
CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N
Exploitability: 2.2 / Impact: 3.6
Source: psirt@us.ibm.com (Secondary)

Description

IBM Concert Software 1.0.0 through 1.1.0 could allow a remote attacker to obtain sensitive information, caused by the failure to properly enable HTTP Strict Transport Security. An attacker could exploit this vulnerability to obtain sensitive information using man in the middle techniques.

Affected (1)

Products: Ibm: Concert
Ibm
1 product
Concert
Configuration A
1 vulnerable
Vulnerable SoftwareAffected Versions
Concert
From 1.0.0 to 2.0.0

Related CWEs

CWE-327
Use of a Broken or Risky Cryptographic Algorithm
The product uses a broken or risky cryptographic algorithm or protocol.

References (1)

Source: psirt@us.ibm.com
Vendor Advisory

Timeline

No history available yet.