Monitor vulnerabilities like this one.
Sign up free to get alerted when software you use is affected.
5.9
IBM Concert: Memory Exposure via Man in the Middle Attack
CVE-2025-33101
Summary
IBM Concert versions 1.0.0 to 2.1.0 may leak sensitive information if an attacker intercepts communication between a user and the application. This could potentially allow attackers to access sensitive data. Update to a fixed version of IBM Concert to prevent this risk.
What to do
No fix is available yet. Check with your software vendor for updates.
Affected software
| Vendor | Product | Affected versions | Fix available |
|---|---|---|---|
| ibm | concert | > 1.0.0 , <= 2.2.0 | – |
Original title
IBM Concert 1.0.0 through 2.1.0 could allow an attacker to obtain sensitive information using man in the middle techniques due to improper clearing of heap memory.
Original description
IBM Concert 1.0.0 through 2.1.0 could allow an attacker to obtain sensitive information using man in the middle techniques due to improper clearing of heap memory.
nvd CVSS3.1
5.9
Vulnerability type
CWE-244
- https://www.ibm.com/support/pages/node/7260162 Vendor Advisory
Published: 17 Feb 2026 · Updated: 11 Mar 2026 · First seen: 6 Mar 2026