Lucene search

[email protected]NVD:CVE-2023-33849

HistoryJun 07, 2023 - 10:15 p.m.

CVE-2023-33849

2023-06-0722:15:10

CWE-311

[email protected]

web.nvd.nist.gov

cve-2023-33849

ibm txseries

cics tx

sensitive information

query parameters

man in the middle

interception

x-force

257105

3.7 Low

CVSS3

Attack Vector

NETWORK

Attack Complexity

HIGH

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

LOW

Integrity Impact

NONE

Availability Impact

NONE

CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N

3.7 Low

AI Score

Confidence

High

0.001 Low

EPSS

Percentile

49.8%

JSON

IBM TXSeries for Multiplatforms 8.1, 8.2, 9.1, CICS TX Standard, 11.1, CICS TX Advanced 10.1, and 11.1 could transmit sensitive information in query parameters that could be intercepted using man in the middle techniques. IBM X-Force ID: 257105.

Affected configurations

NVD

Node

ibmcics_txMatch10.1advanced

ibmcics_txMatch11.1advanced

ibmcics_txMatch11.1standard

AND

linuxlinux_kernelMatch-

Node

ibmtxseries_for_multiplatformsMatch8.1

ibmtxseries_for_multiplatformsMatch9.1

AND

ibmaixMatch-

linuxlinux_kernelMatch-

Node

ibmtxseries_for_multiplatformsMatch8.2

AND

hphp-uxMatch-

ibmaixMatch-

linuxlinux_kernelMatch-

References

exchange.xforce.ibmcloud.com/vulnerabilities/257105

www.ibm.com/support/pages/node/7001687

www.ibm.com/support/pages/node/7001695

www.ibm.com/support/pages/node/7001697

3.7 Low

CVSS3

Attack Vector

NETWORK

Attack Complexity

HIGH

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

LOW

Integrity Impact

NONE

Availability Impact

NONE

CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N

3.7 Low

AI Score

Confidence

High

0.001 Low

EPSS

Percentile

49.8%

JSON

Related for NVD:CVE-2023-33849

ibm3 prion1 cve1 cvelist1