CNNVD-202510-3802 Information

CNNVD ID

CNNVD-202510-3802

Related CVE

CVE-2025-36085

• CNNVD Published: 2025-10-28

Description (Chinese)

IBM Concert是美国国际商业机器（IBM）公司的一种新工具。使用生成式 AI 来帮助管理复杂的云原生应用程序。 IBM Concert 1.0.0版本至2.0.0版本存在代码问题漏洞，该漏洞源于容易受到服务端请求伪造攻击，可能导致网络枚举或促进其他攻击。

Description (English)

IBM Concert is a new tool for IBM. Use the Generating AI to help manage complex cloud raw applications. There is a code gap between IBM Concert 1.0.0 and 2.0.0, which arises out of the vulnerability of the service to requests for false attacks, which may lead to cybernaming or promotion of other attacks.

Hazard Level

High

Vulnerability Type

代码问题

Affected Vendor

国际商业机器

Published

2025-10-28

Last Modified

2026-02-24

References

https://www.ibm.com/support/pages/node/7249356 https://access.redhat.com/security/cve/cve-2025-36085

Patch

https://www.ibm.com/support/pages/node/7249356