Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
nvd[email protected]NVD:CVE-2022-38705
HistoryNov 14, 2022 - 6:15 p.m.

CVE-2022-38705

2022-11-1418:15:17
[email protected]
web.nvd.nist.gov
ibm
cics tx
11.1
standard
advanced
reverse tabnabbing
vulnerability
remote attacker
security restrictions
phishing site
ibm x-force id
234172

6.1 Medium

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

REQUIRED

Scope

CHANGED

Confidentiality Impact

LOW

Integrity Impact

LOW

Availability Impact

NONE

CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N

0.001 Low

EPSS

Percentile

39.5%

JSON

IBM CICS TX 11.1 Standard and Advanced could allow a remote attacker to bypass security restrictions, caused by a reverse tabnabbing flaw. An attacker could exploit this vulnerability and redirect a victim to a phishing site. IBM X-Force ID: 234172.

Affected configurations

NVD
Node
ibmcics_txMatch11.1advanced
OR
ibmcics_txMatch11.1standard

Related

cve 1
ibm 2
prion 1
cvelist 1
cve
cve
CVE-2022-38705
2022-11-14 18:15:17
ibm
ibm
Security Bulletin: IBM CICS TX Advanced is vulnerable to a reverse tabnabbing attack (CVE-2022-38705).
2023-02-14 21:04:36
Security Bulletin: IBM CICS TX Standard is vulnerable to a reverse tabnabbing attack (CVE-2022-38705).
2023-02-14 21:14:53
prion
prion
Security feature bypass
2022-11-14 18:15:00
cvelist
cvelist
CVE-2022-38705 IBM CICS TX phishing
2022-11-14 17:56:59

6.1 Medium

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

REQUIRED

Scope

CHANGED

Confidentiality Impact

LOW

Integrity Impact

LOW

Availability Impact

NONE

CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N

0.001 Low

EPSS

Percentile

39.5%

JSON
Related for NVD:CVE-2022-38705
cve1ibm2prion1cvelist1