CVE-2023-33849
3.7
CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N
Summary
IBM TXSeries for Multiplatforms 8.1, 8.2, 9.1, CICS TX Standard, 11.1, CICS TX Advanced 10.1, and 11.1 could transmit sensitive information in query parameters that could be intercepted using man in the middle techniques. IBM X-Force ID: 257105.
Affected Software
| Vendor | Product | Version Range | Status |
|---|---|---|---|
| IBM | TXSeries for Multiplatforms | 8.1, 8.2, 9.1 | affected |
| IBM | CICS TX Standard | 11.1 | affected |
| IBM | CICS TX Advanced | 10.1, 11.1 | affected |
Weaknesses
- CWE-311: CWE-311 Missing Encryption of Sensitive Data
ADP Enrichment
CVE Program Container
Additional References
- https://exchange.xforce.ibmcloud.com/vulnerabilities/257105
- https://www.ibm.com/support/pages/node/7001687
- https://www.ibm.com/support/pages/node/7001697
- https://www.ibm.com/support/pages/node/7001695
CISA ADP Vulnrichment
- SSVC:
- Exploitation: none
- Automatable: no
- Technical Impact: partial
References
- https://exchange.xforce.ibmcloud.com/vulnerabilities/257105
- https://www.ibm.com/support/pages/node/7001687
- https://www.ibm.com/support/pages/node/7001697
- https://www.ibm.com/support/pages/node/7001695
Feedback
Was this page helpful?
Glad to hear it! Please tell us how we can improve.
Sorry to hear that. Please tell us how we can improve.