Lucene search

[email protected]NVD:CVE-2022-34316

HistoryNov 14, 2022 - 7:15 p.m.

CVE-2022-34316

2022-11-1419:15:13

CWE-644

CWE-116

[email protected]

web.nvd.nist.gov

ibm

cics tx

web scripting .

CVSS3

5.3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

LOW

Integrity Impact

NONE

Availability Impact

NONE

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N

EPSS

0.001

Percentile

32.6%

JSON

IBM CICS TX 11.1 does not neutralize or incorrectly neutralizes web scripting syntax in HTTP headers that can be used by web browser components that can process raw headers. IBM X-Force ID: 229452.

Affected configurations

Nvd

Node

ibmcics_txMatch11.1advanced

ibmcics_txMatch11.1standard

VendorProductVersionCPE
ibmcics_tx11.1cpe:2.3:a:ibm:cics_tx:11.1:*:*:*:advanced:*:*:*
ibmcics_tx11.1cpe:2.3:a:ibm:cics_tx:11.1:*:*:*:standard:*:*:*

Vendor	Product	Version	CPE
ibm	cics_tx	11.1	cpe:2.3:a:ibm:cics_tx:11.1::::advanced:::
ibm	cics_tx	11.1	cpe:2.3:a:ibm:cics_tx:11.1::::standard:::

References

exchange.xforce.ibmcloud.com/vulnerabilities/229452

www.ibm.com/support/pages/node/6833176

www.ibm.com/support/pages/node/6833178

CVSS3

5.3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

LOW

Integrity Impact

NONE

Availability Impact

NONE

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N

EPSS

0.001

Percentile

32.6%

JSON

Related for NVD:CVE-2022-34316

ibm2 cve1 prion1 cvelist1