CVE-2025-33101

Summary

IBM Concert 1.0.0 through 2.1.0 could allow an attacker to obtain sensitive information using man in the middle techniques due to improper clearing of heap memory.

Affected Software

VendorProductVersion RangeStatus
IBMConcert1.0.0 <= 2.1.0affected

Weaknesses

  • CWE-244: CWE-244 Improper Clearing of Heap Memory Before Release ('Heap Inspection')

ADP Enrichment

CISA ADP Vulnrichment

  • SSVC:
  • Exploitation: none
    • Automatable: no
    • Technical Impact: partial

References