6.1 Medium
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
REQUIRED
Scope
CHANGED
Confidentiality Impact
LOW
Integrity Impact
LOW
Availability Impact
NONE
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
IBM CICS TX Advanced is a comprehensive, single transaction runtime package from IBM USA. It can provide a cloud-native deployment model for standalone applications. IBM CICS TX Advanced version 11.1 contains an input validation error vulnerability that stems from improper input validation of the HOST header, which can be exploited by attackers to conduct a variety of attacks on vulnerable systems, including cross-site scripting, cache poisoning, or session hijacking.
CPE | Name | Operator | Version |
---|---|---|---|
ibm cics tx advanced | eq | 11.1 | |
ibm cics tx standard | eq | 11.1 |