Heap Memory Vulnerability in IBM Concert Affects Multiple Versions
CVE-2025-1721

5.9MEDIUM

Key Information:

Vendor: IBM
Status: Concert
Vendor: CVE Published:; 26 December 2025

What is CVE-2025-1721?

IBM Concert versions 1.0.0 through 2.1.0 are susceptible to a vulnerability that allows remote attackers to exploit improper clearing of heap memory. This flaw could enable unauthorized access to sensitive information retained in memory, potentially compromising the integrity and confidentiality of user data. Users and administrators are advised to apply the latest updates to mitigate the risk.

Affected Version(s)

Concert 1.0.0 <= 2.1.0

References

https://www.ibm.com/support/pages/node/7255549

vendor-advisorypatch

CVSS V3.1

Score:

5.9

Severity:

MEDIUM

Confidentiality:

High

Integrity:

None

Availability:

High

Attack Vector:

Network

Attack Complexity:

High

Privileges Required:

None

User Interaction:

None

Scope:

Unchanged

Timeline

Vulnerability published
Dec 26, 2025
Vulnerability Reserved
Feb 26, 2025

JSON