IBM04EF5FF1C414190880C2917193889F71288D7D29282A033D38EC99A7202E5DB2Security Bulletin: IBM CICS TX Standard is vulnerable to an attacker being allowed to decrypt highly sensitive information (CVE-2022-34319).
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
NONE
Availability Impact
NONE
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
EPSS
Percentile
40.5%
Summary
IBM CICS TX Standard could allow an attacker to decrypt highly sensitive information. The fix removes this vulnerability (CVE-2022-34319) from IBM CICS TX Standard.
Vulnerability Details
CVEID:CVE-2022-34319
**DESCRIPTION:**IBM CICS TX uses weaker than expected cryptographic algorithms that could allow an attacker to decrypt highly sensitive information.
CVSS Base score: 5.9
CVSS Temporal Score: See: https://exchange.xforce.ibmcloud.com/vulnerabilities/229463 for the current score.
CVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N)
Affected Products and Versions
| Affected Product(s) | Version(s) |
|---|---|
| IBM CICS TX Standard | All |
Remediation/Fixes
Product
|
Version
|
Defect
|
Remediation / First Fix
—|—|—|—
IBM CICS TX Standard
|
11.1
|
127922
Workarounds and Mitigations
None
Affected configurations
Related
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
NONE
Availability Impact
NONE
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
EPSS
Percentile
40.5%