CVE 5.1 MEDIUM

IBM Concert Information Disclosure_CVE-2025-36158

November 20, 2025 invoker category_cve
5.1 / 10
MEDIUM
CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N

Description

IBM Concert 1.0.0 through 2.0.0 could allow a local user with specific permission to obtain sensitive information from files due to uncontrolled recursive directory copying.

Basic Information

ID CVE-2025-36158
Source ibm
Published Nov 20, 2025 at 21:19
Modified Nov 20, 2025 at 21:36

Affected Product

Vendor IBM
Product Concert
Version 1.0.0
Affected Versions IBM Concert 1.0.0

CWE Classification

CWE-674

References

💭 Join the Security Discussion

🔒 Your email address will not be published. Required fields are marked *

⚠️ Please be respectful and constructive in your comments. Security discussions should remain professional.