Monitor vulnerabilities like this one.
Sign up free to get alerted when software you use is affected.
7.5
CVE-2025-36253: IBM Concert uses weak encryption, puts sensitive data at risk
CVE-2025-36253
Summary
IBM Concert versions 1.0.0 through 2.1.0 use outdated encryption methods, which could allow attackers to access sensitive information. This is a serious security risk for any organization using this software, as it could lead to unauthorized access to confidential data. To protect your data, update to a newer version of IBM Concert that uses more secure encryption methods.
What to do
No fix is available yet. Check with your software vendor for updates.
Affected software
| Vendor | Product | Affected versions |
|---|---|---|
| ibm | concert |
>= 1.0.0, < 2.2.0 cpe:2.3:a:ibm:concert:*:*:*:*:*:*:*:* |
Original title
IBM Concert 1.0.0 through 2.1.0 uses weaker than expected cryptographic algorithms that could allow an attacker to decrypt highly sensitive information.
Original description
IBM Concert 1.0.0 through 2.1.0 uses weaker than expected cryptographic algorithms that could allow an attacker to decrypt highly sensitive information.
nvd CVSS3.1
7.5
Vulnerability type
CWE-759
- https://www.ibm.com/support/pages/node/7257565 Vendor Advisory
Published: 2 Feb 2026 · Updated: 15 Jun 2026 · First seen: 6 Mar 2026