CVEDB API

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2025-27909

IBM Concert Software 1.0.0 through 1.1.0 uses cross-origin resource sharing (CORS) which could allow an attacker to carry out privileged actions as the domain name is not being limited to only trusted domains.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.0

EPSS Ranking 10.9%

CVSS Severity

CVSS v3 Score 5.4

References

https://www.ibm.com/support/pages/node/7242354

Products affected by CVE-2025-27909

Ibm » Concert » Version: 1.0.0

cpe:2.3:a:ibm:concert:1.0.0
Ibm » Concert » Version: 1.0.1

cpe:2.3:a:ibm:concert:1.0.1
Ibm » Concert » Version: 1.0.2

cpe:2.3:a:ibm:concert:1.0.2
Ibm » Concert » Version: 1.0.2.1

cpe:2.3:a:ibm:concert:1.0.2.1
Ibm » Concert » Version: 1.0.2.2

cpe:2.3:a:ibm:concert:1.0.2.2
Ibm » Concert » Version: 1.0.3

cpe:2.3:a:ibm:concert:1.0.3
Ibm » Concert » Version: 1.0.4

cpe:2.3:a:ibm:concert:1.0.4
Ibm » Concert » Version: 1.0.4.1

cpe:2.3:a:ibm:concert:1.0.4.1
Ibm » Concert » Version: 1.0.5

cpe:2.3:a:ibm:concert:1.0.5
Ibm » Concert » Version: 1.0.5.1

cpe:2.3:a:ibm:concert:1.0.5.1
Ibm » Concert » Version: 1.0.5.2

cpe:2.3:a:ibm:concert:1.0.5.2
Ibm » Concert » Version: 1.0.5.4

cpe:2.3:a:ibm:concert:1.0.5.4
Ibm » Concert » Version: 1.1.0

cpe:2.3:a:ibm:concert:1.1.0

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2025-27909

Products

Pricing

Contact Us