Heap Memory Vulnerability in IBM Concert Software
CVE-2025-1722

5.9MEDIUM

Key Information:

Vendor: IBM
Status: Concert
Vendor: CVE Published:; 20 January 2026

What is CVE-2025-1722?

IBM Concert versions 1.0.0 through 2.1.0 are susceptible to a vulnerability where improper clearing of allocated heap memory may allow remote attackers to gain access to sensitive information. This exposure could potentially lead to unauthorized access to confidential data stored in memory.

Affected Version(s)

Concert 1.0.0 <= 2.1.0

References

https://www.ibm.com/support/pages/node/7257006

vendor-advisorypatch

CVSS V3.1

Score:

5.9

Severity:

MEDIUM

Confidentiality:

High

Integrity:

None

Availability:

High

Attack Vector:

Network

Attack Complexity:

High

Privileges Required:

None

User Interaction:

None

Scope:

Unchanged

Timeline

Vulnerability published
Jan 20, 2026
Vulnerability Reserved
Feb 26, 2025

JSON