IBM3502254480CD8A030DE5CC2BCF0A2DBF1A2F8A17573CF7F7C02087C700F1FB8ESecurity Bulletin: IBM CICS TX Standard is vulnerable to an attacker decrypting highly sensitive information . (CVE-2022-34310) .
CVSS3
Attack Vector
NETWORK
Attack Complexity
HIGH
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
NONE
Availability Impact
NONE
CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N
EPSS
Percentile
15.5%
Summary
IBM CICS TX Standard could allow an attacker to decrypt highly sensitive information . The fix removes this vulnerability (CVE-2022-34310) from IBM CICS TX Standard.
Vulnerability Details
CVEID:CVE-2022-34310
**DESCRIPTION:**IBM CICS TX uses weaker than expected cryptographic algorithms that could allow an attacker to decrypt highly sensitive information.
CVSS Base score: 5.9
CVSS Temporal Score: See: https://exchange.xforce.ibmcloud.com/vulnerabilities/229441 for the current score.
CVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N)
Affected Products and Versions
| Affected Product(s) | Version(s) |
|---|---|
| IBM CICS TX Standard | All |
Remediation/Fixes
IBM strongly recommends addressing the vulnerability by downloading and applying the interim fixes from the table below:
Product
|
Version
|
Defect
|
Remediation / First Fix
—|—|—|—
IBM CICS TX Standard
|
11.1
|
127918
|
Workarounds and Mitigations
None
Affected configurations
Related
CVSS3
Attack Vector
NETWORK
Attack Complexity
HIGH
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
NONE
Availability Impact
NONE
CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N
EPSS
Percentile
15.5%