Security Advisory

CVE-2025-36161

CVE vulnerability detail — eXtreme Datacenter Security Operations

Published 2025-11-20 15:26:29

Last updated 2025-11-20 16:30:00

Assigner ibm

State PUBLISHED

Description

IBM Concert 1.0.0 through 2.0.0 could allow a remote attacker to obtain sensitive information, caused by the failure to properly enable HTTP Strict-Transport-Security. An attacker could exploit this vulnerability to obtain sensitive information using man in the middle techniques.

← Browse all CVEs View on cve.org ↗