Lucene search

K
ibmIBMB74D5EF040BC913D2AB814FFB5898C47009F18549879307F3EFC2EDA86C2ABF2
HistoryOct 31, 2023 - 12:57 p.m.

Security Bulletin: "Unrestricted Internet Access/Outbound Connections" affects IBM CICS TX Standard and IBM CICS TX Advanced

2023-10-3112:57:31
www.ibm.com
16
ibm cics tx
vulnerability
outbound connections
internet access
security bulletin
cve-2023-43018
cvss base score 5.9
remediation
documentation

CVSS3

7.5

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

HIGH

Availability Impact

NONE

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N

AI Score

6.5

Confidence

High

EPSS

0.001

Percentile

35.5%

Summary

“Unrestricted Internet Access/Outbound Connections” affects IBM CICS TX Standard and IBM CICS TX Advanced. IBM CICS TX Standard and IBM CICS TX Advanced have addressed the applicable vulnerability.

Vulnerability Details

CVEID:CVE-2023-43018
**DESCRIPTION:**IBM CICS TX performs an operation at a privilege level that is higher than the minimum level required, which creates new weaknesses or amplifies the consequences of other weaknesses.
CVSS Base score: 5.9
CVSS Temporal Score: See: https://exchange.xforce.ibmcloud.com/vulnerabilities/266163 for the current score.
CVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N)

Affected Products and Versions

Affected Product(s) Version(s)
IBM CICS TX Advanced 10.1
IBM CICS TX Advanced 11.1
IBM CICS TX Standard 11.1

Remediation/Fixes

Product Version Platform Remediation / Fix
IBM CICS TX Advanced

10.1

| Linux| Refer to this documentation.
IBM CICS TX Advanced|

11.1

| Linux| Refer to this documentation.
IBM CICS TX Standard|

11.1

| Linux| Refer to this documentation.

Workarounds and Mitigations

None

Affected configurations

Vulners
Node
ibmcics_txMatch10.1
OR
ibmcics_txMatch11.1
VendorProductVersionCPE
ibmcics_tx10.1cpe:2.3:a:ibm:cics_tx:10.1:*:*:*:*:*:*:*
ibmcics_tx11.1cpe:2.3:a:ibm:cics_tx:11.1:*:*:*:*:*:*:*

CVSS3

7.5

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

HIGH

Availability Impact

NONE

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N

AI Score

6.5

Confidence

High

EPSS

0.001

Percentile

35.5%

Related for B74D5EF040BC913D2AB814FFB5898C47009F18549879307F3EFC2EDA86C2ABF2