CVE-2024-52891

Summary

IBM Concert Software 1.0.0, 1.0.1, 1.0.2, 1.0.2.1, and 1.0.3

could allow an authenticated user to inject malicious information or obtain information from log files due to improper log neutralization.

Affected Software

VendorProductVersion RangeStatus
IBMConcert Software1.0.0, 1.0.1, 1.0.2, 1.0.2.1, 1.0.3affected

Weaknesses

  • CWE-117: CWE-117 Improper Output Neutralization for Logs

ADP Enrichment

CISA ADP Vulnrichment

  • SSVC:
  • Exploitation: none
    • Automatable: no
    • Technical Impact: partial

References