Lucene search
+L

171 matches found

IBM Security Bulletins
IBM Security Bulletins
added 2024/03/11 4:25 p.m.25 views

Security Bulletin: There are multiple vulnerabilities in IBM Semeru Runtime and IBM SDK, Java Technology Edition that is shipped with CICS Transaction Gateway Desktop Edition.

Summary There are multiple vulnerabilities in IBM Semeru Runtime and IBM SDK, Java Technology Edition that is shipped with CICS Transaction Gateway Desktop Edition. An update to CICS Transaction Gateway Desktop Edition has been released to address these vulnerabilities. Vulnerability Details...

7.5CVSS7AI score0.01026EPSS
Exploits0Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2024/03/11 4:22 p.m.27 views

Security Bulletin: There are multiple vulnerabilities in IBM Semeru Runtime and IBM SDK, Java Technology Edition that is shipped with CICS Transaction Gateway for Multiplatforms.

Summary There are multiple vulnerabilities in IBM Semeru Runtime and IBM SDK, Java Technology Edition that is shipped with CICS Transaction Gateway for Multiplatforms. An update to CICS Transaction Gateway for Multiplatforms has been released to address these vulnerabilities. Vulnerability Detail...

7.5CVSS7AI score0.01026EPSS
Exploits0Affected Software1
OSV
OSV
added 2024/03/04 4:15 p.m.6 views

CVE-2023-38362

IBM CICS TX Advanced 10.1 could disclose sensitive information to a remote attacker due to observable discrepancy in HTTP responses. IBM X-Force ID: 260814...

5.3CVSS5.8AI score0.0047EPSS
Exploits0References2
Positive Technologies
Positive Technologies
added 2024/03/04 12:0 a.m.9 views

PT-2024-12713 · Ibm · Ibm Cics Tx Advanced

Name of the Vulnerable Software and Affected Versions: IBM CICS TX Advanced version 10.1 Description: The issue allows users to embed arbitrary JavaScript code in the Web UI, altering the intended functionality and potentially leading to credentials disclosure within a trusted session...

6.1CVSS6.8AI score0.00317EPSS
Exploits0References3
IBM Security Bulletins
IBM Security Bulletins
added 2024/02/29 4:6 p.m.42 views

Security Bulletin: There are multiple vulnerabilities in IBM Semeru Runtime that is shipped with CICS Transaction Gateway for Multiplatforms.

Summary There are multiple vulnerabilities in IBM Semeru Runtime that is shipped with CICS Transaction Gateway for Multiplatforms. An update to CICS Transaction Gateway for Multiplatforms has been released to address these vulnerabilities. Vulnerability Details CVEID:CVE-2023-21930 DESCRIPTION: A...

9.1CVSS9.7AI score0.02474EPSS
Exploits1Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2024/02/29 4:0 p.m.36 views

Security Bulletin: There are multiple vulnerabilities in IBM Semeru Runtime that is shipped with CICS Transaction Gateway Desktop Edition.

Summary There are multiple vulnerabilities in IBM Semeru Runtime that is shipped with CICS Transaction Gateway Desktop Edition. An update to CICS Transaction Gateway Desktop Edition has been released to address these vulnerabilities. Vulnerability Details CVEID:CVE-2023-21930 DESCRIPTION: An...

9.1CVSS9.7AI score0.02474EPSS
Exploits1Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2024/02/21 9:52 a.m.9 views

Security Bulletin: Due to the use of Apache Commons Codec, IBM CICS Transaction Gateway for Multiplatforms is vulnerable to an information exposure.

Summary There is a vulnerability in Apache Commons Codec library which is shipped as part of IBM CICS Transaction Gateway for Multiplatforms. An update to IBM CICS Transaction Gateway for Multiplatforms has been released to address the vulnerability. Vulnerability Details IBM X-Force ID: 177835...

6.5AI score
Exploits0Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2024/02/21 9:37 a.m.40 views

Security Bulletin: Due to the use of jackson-databind, IBM CICS Transaction Gateway for Multiplatforms is vulnerable to a denial of service (CVE-2023-35116).

Summary There is a vulnerability in jackson-databind which is shipped as part of IBM CICS Transaction Gateway for Multiplatforms. An update to IBM CICS Transaction Gateway for Multiplatforms has been released to address the vulnerability. Vulnerability Details CVEID:CVE-2023-35116 DESCRIPTION:...

4.7CVSS5.8AI score0.00352EPSS
Exploits0Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2024/02/21 9:27 a.m.16 views

Security Bulletin: Due to the use of IBM WebSphere Liberty, IBM CICS Transaction Gateway Desktop Edition and for Multiplatforms are vulnerable to weaker than expected security due to improper resource expiration handling (CVE-2023-46158).

Summary There is a vulnerability in IBM WebSphere Liberty, which is shipped as part of both IBM CICS Transaction Gateway Desktop Edition and IBM CICS Transaction Gateway for Multiplatforms. Updates to IBM CICS Transaction Gateway Desktop Edition and IBM CICS Transaction Gateway for Multiplatforms...

9.8CVSS6.9AI score0.00456EPSS
Exploits0Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2024/02/15 12:46 p.m.22 views

Security Bulletin: There are multiple vulnerabilities in IBM SDK, Java Technology Edition and Eclipse OpenJ9 that are shipped with CICS Transaction Gateway for Multiplatforms (CVE-2023-22081, CVE-2023-22067 and CVE-2023-5676).

Summary There are multiple vulnerabilities in IBM SDK, Java Technology Edition and Eclipse OpenJ9 that are shipped with CICS Transaction Gateway for Multiplatforms CVE-2023-22081, CVE-2023-22067 and CVE-2023-5676. An update to CICS Transaction Gateway for Multiplatforms has been released to addre...

5.9CVSS6.1AI score0.014EPSS
Exploits0Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2024/02/15 12:44 p.m.19 views

Security Bulletin: There are multiple vulnerabilities in IBM SDK, Java Technology Edition that is shipped with CICS Transaction Gateway Desktop Edition (CVE-2023-22045 and CVE-2023-22049).

Summary There are multiple vulnerabilities in IBM SDK, Java Technology Edition that is shipped with CICS Transaction Gateway Desktop Edition CVE-2023-22045 and CVE-2023-22049. An update to CICS Transaction Gateway Desktop Edition has been released to address these vulnerabilities. Vulnerability...

3.7CVSS5.9AI score0.01316EPSS
Exploits0Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2024/02/15 12:38 p.m.27 views

Security Bulletin: There is a vulnerability in IBM Semeru Runtime that is shipped with CICS Transaction Gateway for Multiplatforms (CVE-2023-21968).

Summary There is a vulnerability in IBM Semeru Runtime that is shipped with CICS Transaction Gateway for Multiplatforms CVE-2023-21968. An update to CICS Transaction Gateway for Multiplatforms has been released to address this vulnerability. Vulnerability Details CVEID:CVE-2023-21968 DESCRIPTION:...

3.7CVSS5.4AI score0.01036EPSS
Exploits0Affected Software1
OSV
OSV
added 2024/02/12 7:15 p.m.6 views

CVE-2022-34309

IBM CICS TX Standard and Advanced 11.1 uses weaker than expected cryptographic algorithms that could allow an attacker to decrypt highly sensitive information. IBM X-Force ID: 229440...

7.5CVSS5.8AI score0.00486EPSS
Exploits0References3
OSV
OSV
added 2024/02/12 6:15 p.m.5 views

CVE-2022-34310

IBM CICS TX Standard and Advanced 11.1 uses weaker than expected cryptographic algorithms that could allow an attacker to decrypt highly sensitive information. IBM X-Force ID: 229441...

7.5CVSS5.8AI score0.00486EPSS
Exploits0References3
CNNVD
CNNVD
added 2024/02/12 12:0 a.m.7 views

IBM CICS TX Standard 加密问题漏洞

IBM CICS TX Standardand Advanced is a comprehensive, single transaction runtime package from International Business Machines IBM, Inc. It can provide a cloud-native deployment model for standalone applications. IBM CICS TX Standard and Advanced has a cryptographic issue vulnerability that stems...

7.5CVSS6.6AI score0.00486EPSS
Exploits0References4
NVD
NVD
added 2024/01/08 3:15 a.m.22 views

CVE-2023-47140

IBM CICS Transaction Gateway 9.3 could allow a user to transfer or view files due to improper access controls...

8.1CVSS5.8AI score0.0022EPSS
Exploits0References3
Vulnrichment
Vulnrichment
added 2024/01/08 2:8 a.m.16 views

CVE-2023-47140 IBM CICS Transaction Gateway improper access controls

IBM CICS Transaction Gateway 9.3 could allow a user to transfer or view files due to improper access controls...

4CVSS6.8AI score0.0022EPSS
Exploits0References1
Cvelist
Cvelist
added 2024/01/08 2:8 a.m.24 views

CVE-2023-47140 IBM CICS Transaction Gateway improper access controls

IBM CICS Transaction Gateway 9.3 could allow a user to transfer or view files due to improper access controls...

4CVSS7.8AI score0.0022EPSS
Exploits0References1
CNNVD
CNNVD
added 2024/01/08 12:0 a.m.6 views

IBM CICS Transaction Gateway 安全漏洞

IBM CICS Transaction Gateway is a connector for modernizing enterprise CICS assets from International Business Machines IBM. An access control error vulnerability exists in IBM CICS Transaction Gateway version 9.3, which can be exploited by an attacker to transfer or view files...

8.1CVSS6.6AI score0.0022EPSS
Exploits0References3
IBM Security Bulletins
IBM Security Bulletins
added 2024/01/03 12:15 p.m.31 views

Security Bulletin: CICS Transaction Gateway Containers are vulnerable to unwanted system calls such as unshare() (CVE-2022-0185).

Summary CICS Transaction Gateway Containers are vulnerable to CVE-2022-0185 if the SECCOMP profile is not configured so as to disable unwanted system calls such as unshare. Vulnerability Details CVEID:CVE-2022-0185 DESCRIPTION: Linux Kernel is vulnerable to a heap-based buffer overflow, caused by...

8.4CVSS8.5AI score0.25151EPSS
Exploits11Affected Software1
Rows per page
Query Builder