Vulnerability CVE-2023-35116 affects CICS Transaction Gateway for Multiplatforms and CICS Transaction Gateway Desktop Edition. This fix addresses this vulnerability.
CVEID:CVE-2023-35116
**DESCRIPTION:**Fasterxml jackson-databind is vulnerable to a denial of service, caused by a stack-based overflow. By persuading a victim to open a specially crafted content, a remote attacker could exploit this vulnerability to cause a denial of service condition.
CVSS Base score: 5.5
CVSS Temporal Score: See: https://exchange.xforce.ibmcloud.com/vulnerabilities/258157 for the current score.
CVSS Vector: (CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H)
Affected Product(s) | Version(s) |
---|---|
IBM CICS Transaction Gateway | 9.3 |
CICS Transaction Gateway Desktop Edition | 9.3 |
IBM recommends that you apply these fixes:
Product
| VRMF|APAR|Remediation/First Fix
—|—|—|—
CICS Transaction Gateway for Multiplatforms
CICS Transaction Gateway Desktop Edition
|
9.3
|
PH57424
|
AIX: Fix Central link
CICS Transaction Gateway for Multiplatforms
CICS Transaction Gateway Desktop Edition
|
9.3
|
PH57424
|
Linux on Intel: Fix Central link
CICS Transaction Gateway for Multiplatforms
CICS Transaction Gateway Desktop Edition
|
9.3
|
PH57424
|
Linux on IBM Z: Fix Central link
CICS Transaction Gateway for Multiplatforms
CICS Transaction Gateway Desktop Edition
|
9.3
|
PH57424
|
Linux on IBM Z container: Fix Central link
CICS Transaction Gateway for Multiplatforms
CICS Transaction Gateway Desktop Edition
|
9.3
|
PH57424
|
Linux on Intel container: Fix Central link
CICS Transaction Gateway for Multiplatforms
CICS Transaction Gateway Desktop Edition
|
9.3
|
PH57424
|
Linux on POWER Little Endian: Fix Central link
CICS Transaction Gateway for Multiplatforms
CICS Transaction Gateway Desktop Edition
|
9.3
|
PH57424
|
Linux on POWER Big Endian: Fix Central link
CICS Transaction Gateway for Multiplatforms
CICS Transaction Gateway Desktop Edition
|
9.3
|
PH57424
|
Windows: Fix Central link
None
CPE | Name | Operator | Version |
---|---|---|---|
cics transaction gateway | eq | 9.3 |