CNNVD-202509-047 Information

CNNVD ID

CNNVD-202509-047

Related CVE

CVE-2025-33084

• CNNVD Published: 2025-09-01

Description (Chinese)

IBM Concert Software是美国国际商业机器（IBM）公司的一个应用生命周期风险识别软件。 IBM Concert Software 1.0.0至1.1.0版本存在加密问题漏洞，该漏洞源于未正确启用HTTP严格传输安全，可能导致敏感信息泄露。

Description (English)

IBM Concert Software is an application life-cycle risk identification software for IBM. Versions 1.0.0 to 1.1.0 of IBM Concert Software contain encryption loopholes, which stem from the incorrect use of HTTP for strict transmission security and may lead to the disclosure of sensitive information.

Hazard Level

High

Vulnerability Type

加密问题

Affected Vendor

国际商业机器

Published

2025-09-01

Last Modified

2026-02-24

References

https://www.ibm.com/support/pages/node/7243699 https://nvd.nist.gov/vuln/detail/CVE-2025-33084 https://access.redhat.com/security/cve/cve-2025-33084

Patch

https://www.ibm.com/support/pages/node/7243699