CVE-2022-34316
3.7
CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N
Summary
IBM CICS TX 11.1 does not neutralize or incorrectly neutralizes web scripting syntax in HTTP headers that can be used by web browser components that can process raw headers. IBM X-Force ID: 229452.
Affected Software
| Vendor | Product | Version Range | Status |
|---|---|---|---|
| IBM | CICS TX | 11.1 | affected |
Weaknesses
- CWE-644: CWE-644
- The application does not neutralize or incorrectly neutralizes web scripting syntax in HTTP headers that can be used by web browser components that can process raw headers, such as Flash.
ADP Enrichment
CVE Program Container
Additional References
- https://www.ibm.com/support/pages/node/6833176
- https://www.ibm.com/support/pages/node/6833178
- https://exchange.xforce.ibmcloud.com/vulnerabilities/229452
CISA ADP Vulnrichment
- SSVC:
- Exploitation: none
- Automatable: no
- Technical Impact: partial
References
- https://www.ibm.com/support/pages/node/6833176
- https://www.ibm.com/support/pages/node/6833178
- https://exchange.xforce.ibmcloud.com/vulnerabilities/229452
Feedback
Was this page helpful?
Glad to hear it! Please tell us how we can improve.
Sorry to hear that. Please tell us how we can improve.