HTTP Header Injection Vulnerability in IBM Concert Products
CVE-2024-51451
6.5MEDIUM
What is CVE-2024-51451?
IBM Concert versions 1.0.0 through 2.1.0 exhibit a critical flaw due to insufficient validation of input from HOST headers, allowing attackers to execute malicious exploits. This vulnerability can lead to various attack scenarios such as cross-site scripting, cache poisoning, and session hijacking, putting sensitive user data and system integrity at risk. Organizations using affected versions are advised to apply the latest security patch provided by IBM to mitigate these threats.
Affected Version(s)
Concert 1.0.0 <= 2.1.0