Lucene search

IbmCVE-2022-34312

HistoryNov 14, 2022 - 6:15 p.m.

CVE-2022-34312

2022-11-1418:15:16

CWE-200

CWE-922

ibm

web.nvd.nist.gov

ibm

cics tx

11.1

web pages

local storage

unauthorized access

security vulnerability

CVSS3

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

LOW

Integrity Impact

NONE

Availability Impact

NONE

CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N

AI Score

3.4

Confidence

High

EPSS

0.001

Percentile

17.2%

JSON

IBM CICS TX 11.1 allows web pages to be stored locally which can be read by another user on the system. IBM X-Force ID: 229447.

Affected configurations

Nvd

Vulners

Node

ibmcics_txMatch11.1advanced

ibmcics_txMatch11.1standard

VendorProductVersionCPE
ibmcics_tx11.1cpe:2.3:a:ibm:cics_tx:11.1:*:*:*:advanced:*:*:*
ibmcics_tx11.1cpe:2.3:a:ibm:cics_tx:11.1:*:*:*:standard:*:*:*

Vendor	Product	Version	CPE
ibm	cics_tx	11.1	cpe:2.3:a:ibm:cics_tx:11.1::::advanced:::
ibm	cics_tx	11.1	cpe:2.3:a:ibm:cics_tx:11.1::::standard:::

CNA Affected

[
  {
    "defaultStatus": "unaffected",
    "product": "CICS TX",
    "vendor": "IBM",
    "versions": [
      {
        "status": "affected",
        "version": "11.1"
      }
    ]
  }
]

References

exchange.xforce.ibmcloud.com/vulnerabilities/229447

www.ibm.com/support/pages/node/6833150

www.ibm.com/support/pages/node/6833156

Social References

CVSS3

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

LOW

Integrity Impact

NONE

Availability Impact

NONE

CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N

AI Score

3.4

Confidence

High

EPSS

0.001

Percentile

17.2%

JSON

Related for CVE-2022-34312