IBM Concert 1.0.0 and 1.0.1 vulnerable to attacks that rely on the use of cookies without the SameSite attribute.
References
Link | Resource |
---|---|
https://www.ibm.com/support/pages/node/7173596 | Vendor Advisory |
Configurations
Configuration 1 (hide)
|
History
25 Oct 2024, 16:05
Type | Values Removed | Values Added |
---|---|---|
First Time |
Ibm concert
Ibm |
|
CVSS |
v2 : v3 : |
v2 : unknown
v3 : 9.8 |
References | () https://www.ibm.com/support/pages/node/7173596 - Vendor Advisory | |
CPE | cpe:2.3:a:ibm:concert:1.0.1:*:*:*:*:*:*:* cpe:2.3:a:ibm:concert:1.0.0:*:*:*:*:*:*:* |
23 Oct 2024, 15:12
Type | Values Removed | Values Added |
---|---|---|
Summary |
|
22 Oct 2024, 15:15
Type | Values Removed | Values Added |
---|---|---|
New CVE |
Information
Published : 2024-10-22 15:15
Updated : 2024-10-25 16:05
NVD link : CVE-2024-43177
Mitre link : CVE-2024-43177
CVE.ORG link : CVE-2024-43177
JSON object : View
Products Affected
ibm
- concert
CWE
CWE-295
Improper Certificate Validation