CNNVD-202511-2337 Information

CNNVD ID

CNNVD-202511-2337

Related CVE

CVE-2025-36161

• CNNVD Published: 2025-11-20

Description (Chinese)

IBM Concert是美国国际商业机器（IBM）公司的一种新工具。使用生成式 AI 来帮助管理复杂的云原生应用程序。 IBM Concert 1.0.0版本至2.0.0版本存在加密问题漏洞，该漏洞源于未正确启用HTTP严格传输安全，可能导致敏感信息泄露。

Description (English)

IBM Concert is a new tool for IBM. Use the Generating AI to help manage complex cloud raw applications. There is a encryption loophole in IBM Concert 1.0.0 to 2.0.0, which stems from the incorrect activation of HTTP for strict transmission security and may lead to the disclosure of sensitive information.

Hazard Level

High

Vulnerability Type

加密问题

Affected Vendor

国际商业机器

Published

2025-11-20

Last Modified

2026-02-24

References

https://www.ibm.com/support/pages/node/7252019

Patch

https://www.ibm.com/support/pages/node/7252019