CVE-2025-36081
Unknown
Unknown - Not Provided
BaseFortify
Publication date: 2025-10-28
Last updated on: 2025-10-31
Assigner: IBM Corporation
Description
Description
IBM Concert Software
1.0.0 through 2.0.0 could allow a user to modify system logs due to improper neutralization of log input.
CVSS Scores
EPSS Scores
| Probability: | |
| Percentile: |
Meta Information
Affected Vendors & Products
| Vendor | Product | Version / Range |
|---|---|---|
| linux | linux_kernel | From 5.15.160 (inc) to 5.16 (inc) |
| ibm | concert | From 1.0.0 (inc) to 2.1.0 (exc) |
Helpful Resources
Exploitability
CWE
KEV
| CWE ID | Description |
|---|---|
| CWE-117 | The product constructs a log message from external input, but it does not neutralize or incorrectly neutralizes special elements when the message is written to a log file. |
Attack-Flow Graph
AI Powered Q&A
Can you explain this vulnerability to me?
This vulnerability in IBM Concert Software versions 1.0.0 through 2.0.0 allows a user to modify system logs because the software does not properly neutralize log input. This means that malicious input can alter log entries.
How can this vulnerability impact me? :
The vulnerability can impact you by allowing unauthorized modification of system logs, which can hinder the ability to detect and investigate security incidents, potentially allowing attackers to cover their tracks.
Ask Our AI Assistant
Need more information? Ask your question to get an AI reply (Powered by our expertise)
0/70