Lucene search
+L

171 matches found

IBM Security Bulletins
IBM Security Bulletins
added 2023/02/09 12:13 p.m.17 views

Security Bulletin: Vulnerability (CVE-2022-3676) in Eclipse Openj9 affects CICS Transaction Gateway Desktop Edition

Summary Eclipse Openj9 is used by CICS Transaction Gateway Desktop Edition. The fix removes vulnerability CVE-2022-3676 that could allow a remote attacker to bypass security restrictions. Vulnerability Details CVEID:CVE-2022-3676 DESCRIPTION: Eclipse Openj9 could allow a remote attacker to bypass...

6.5CVSS6.8AI score0.00589EPSS
Exploits0Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2023/02/09 10:24 a.m.58 views

Security Bulletin: Vulnerability in IBM WebSphere Application Server Liberty and Open Liberty 17.0.0.3 through 22.0.0.5 affects CICS Transaction Gateway

Summary There is a vulnerability which is related to identity spoofing in IBM WebSphere Application Server Liberty and Open Liberty 17.0.0.3 through 22.0.0.5 used by CICS Transaction Gateway. CICS Transaction Gateway has addressed the applicable CVE. Vulnerability Details CVEID:CVE-2022-22476...

8.8CVSS6.4AI score0.0077EPSS
Exploits0Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2023/01/10 10:20 a.m.21 views

Security Bulletin: Vulnerability in IBM WebSphere Application Server 7.0, 8.0, 8.5, and 9.0 and IBM WebSphere Application Server Liberty 17.0.0.3 through 22.0.0.9 affecting CICS Transaction Gateway Desktop Edition

Summary There is a vulnerability which is related to HTTP injection in IBM WebSphere Application Server 7.0, 8.0, 8.5, and 9.0 and IBM WebSphere Application Server Liberty 17.0.0.3 through 22.0.0.9 used by CICS Transaction Gateway Desktop Edition. CICS Transaction Gateway Desktop Edition has...

5.4CVSS5.5AI score0.00458EPSS
Exploits0Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2023/01/09 4:46 p.m.33 views

Security Bulletin: Vulnerability in IBM WebSphere Application Server Liberty and Open Liberty 17.0.0.3 through 22.0.0.5 affects CICS Transaction Gateway

Summary There is a vulnerability which is related to identity spoofing in IBM WebSphere Application Server Liberty and Open Liberty 17.0.0.3 through 22.0.0.5 used by CICS Transaction Gateway. CICS Transaction Gateway has addressed the applicable CVE. Vulnerability Details CVEID:CVE-2022-22475...

6.5CVSS5.6AI score0.00602EPSS
Exploits0Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2022/12/22 8:25 a.m.37 views

Security Bulletin: Vulnerabilities (CVE-2022-21541 and CVE-2022-21540) in IBM Java Runtime affects CICS Transaction Gateway Desktop Editon

Summary IBM® Runtime Environment Java™ is used by CICS Transaction Gateway Desktop Editon. The fix removes vulnerabilities CVE-2022-21541 and CVE-2022-21540 that could allow an unauthenticated attacker to cause no confidentiality impact, high integrity impact, and no availability impact...

5.9CVSS6.9AI score0.03693EPSS
Exploits0Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2022/12/22 8:25 a.m.35 views

Security Bulletin: Vulnerability (CVE-2021-2163) in IBM Java Runtime affects CICS Transaction Gateway Desktop Editon

Summary IBM® Runtime Environment Java™ is used by CICS Transaction Gateway Desktop Editon. The fix removes vulnerability CVE-2021-2163 that could allow an unauthenticated attacker to cause no confidentiality impact, high integrity impact, and no availability impact. Vulnerability Details...

5.3CVSS5.6AI score0.03566EPSS
Exploits0Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2022/12/22 8:24 a.m.32 views

Security Bulletin: Vulnerability (CVE-2022-3676) in Eclipse Openj9 affects CICS Transaction Gateway Desktop Edition

Summary Eclipse Openj9 is used by CICS Transaction Gateway Desktop Edition. The fix removes vulnerability CVE-2022-3676 that could allow a remote attacker to bypass security restrictions. Vulnerability Details CVEID:CVE-2022-3676 DESCRIPTION: Eclipse Openj9 could allow a remote attacker to bypass...

6.5CVSS6.8AI score0.00589EPSS
Exploits0Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2022/12/22 8:23 a.m.30 views

Security Bulletin: Vulnerability (CVE-2021-41041) in Eclipse Openj9 affects CICS Transaction Gateway Desktop Edition

Summary Eclipse Openj9 is used by CICS Transaction Gateway Desktop Edition. The fix removes vulnerability CVE-2021-41041 that could allow a remote attacker to bypass security restrictions. Vulnerability Details CVEID:CVE-2021-41041 DESCRIPTION: Eclipse Openj9 could allow a remote attacker to bypa...

5.3CVSS5.6AI score0.01014EPSS
Exploits0Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2022/12/22 8:23 a.m.35 views

Security Bulletin: Vulnerability (CVE-2021-2163) in IBM Java Runtime affects CICS Transaction Gateway

Summary IBM® Runtime Environment Java™ is used by CICS Transaction Gateway. The fix removes vulnerability CVE-2021-2163 that could allow an unauthenticated attacker to cause no confidentiality impact, high integrity impact, and no availability impact. Vulnerability Details CVEID:CVE-2021-2163...

5.3CVSS5.6AI score0.03566EPSS
Exploits0Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2022/12/22 8:22 a.m.36 views

Security Bulletin: Vulnerability (CVE-2021-28167) in Eclipse Openj9 affects CICS Transaction Gateway Desktop Edition

Summary Eclipse Openj9 is used by CICS Transaction Gateway Desktop Edition. The fix removes vulnerability CVE-2021-28167 that could allow a remote attacker to bypass security restrictions. Vulnerability Details CVEID:CVE-2021-28167 DESCRIPTION: Eclipse Openj9 could allow a remote attacker to bypa...

6.5CVSS6.7AI score0.01104EPSS
Exploits1Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2022/12/22 8:22 a.m.24 views

Security Bulletin: Vulnerability (CVE-2021-41041) in Eclipse Openj9 affects CICS Transaction Gateway

Summary Eclipse Openj9 is used by CICS Transaction Gateway. The fix removes vulnerability CVE-2021-41041 that could allow a remote attacker to bypass security restrictions. Vulnerability Details CVEID:CVE-2021-41041 DESCRIPTION: Eclipse Openj9 could allow a remote attacker to bypass security...

5.3CVSS5.6AI score0.01014EPSS
Exploits0Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2022/12/22 8:21 a.m.35 views

Security Bulletin: Vulnerabilities (CVE-2022-21541 and CVE-2022-21540 ) in IBM Java Runtime affects CICS Transaction Gateway

Summary IBM® Runtime Environment Java™ is used by CICS Transaction Gateway. The fix removes vulnerabilities CVE-2022-21541 and CVE-2022-21540 that can allow an unauthenticated attacker to obtain sensitive information. Vulnerability Details CVEID:CVE-2022-21541 DESCRIPTION: An unspecified...

5.9CVSS6.9AI score0.03693EPSS
Exploits0Affected Software1
OSV
OSV
added 2022/12/12 1:15 p.m.12 views

CVE-2022-34318

IBM CICS TX 11.1 could allow a remote attacker to hijack the clicking action of the victim. By persuading a victim to visit a malicious Web site, a remote attacker could exploit this vulnerability to hijack the victim's click actions and possibly launch further attacks against the victim. IBM...

6.1CVSS5.8AI score0.00614EPSS
Exploits0References3
CNNVD
CNNVD
added 2022/12/12 12:0 a.m.7 views

IBM CICS TX 安全漏洞

IBM CICS TX is a comprehensive, single transaction runtime package from International Business Machines IBM. A security vulnerability exists in IBM CICS TX version 11.1, which stems from the presence of a click-through operation that allows a remote attacker to hijack a victim's click-through...

6.1CVSS6.3AI score0.00614EPSS
Exploits0References4
IBM Security Bulletins
IBM Security Bulletins
added 2022/12/08 10:45 a.m.30 views

Security Bulletin: FasterXML Jackson Databind used by CICS Transaction Gateway is vulnerable to a denial of service

Summary FasterXML Jackson Databind used by CICS Transaction Gateway is vulnerable to a denial of service, caused by a Java StackOverflow exception CVE-2020-36518. CICS Transaction Gateway addressed the applicable CVE. Vulnerability Details CVEID:CVE-2020-36518 DESCRIPTION: FasterXML...

7.5CVSS7.5AI score0.0486EPSS
Exploits1Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2022/12/08 10:43 a.m.37 views

Security Bulletin: FasterXML Jackson Databind used by CICS Transaction Gateway is vulnerable to a denial of service and could provide weaker than expected security

Summary FasterXML Jackson Databind used by CICS Transaction Gateway is vulnerable to a denial of service CVE-2022-42004, CVE-2022-42003, CVE-2020-36518 and could provide weaker than expected security CVE-2020-25649. CICS Transaction Gateway addressed the applicable CVEs. Vulnerability Details...

7.5CVSS7.6AI score0.17611EPSS
Exploits4Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2022/12/08 10:40 a.m.32 views

Security Bulletin: jettison-json Jettison used by CICS Transaction Gateway is vulnerable to a denial of service

Summary jettison-json Jettison used by CICS Transaction Gateway is vulnerable to a denial of service, caused by a stack-based buffer overflow CVE-2022-40149 and an out of memory flaw CVE-2022-40150. CICS Transaction Gateway addressed the applicable CVEs. Vulnerability Details CVEID:CVE-2022-40149...

7.5CVSS7.1AI score0.01336EPSS
Exploits0Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2022/12/08 10:36 a.m.36 views

Security Bulletin: FasterXML Jackson Databind used by CICS Transaction Gateway could provide weaker than expected security

Summary FasterXML Jackson Databind used by CICS Transaction Gateway could provide weaker than expected security, caused by not having entity expansion secured properly CVE-2020-25649. CICS Transaction Gateway addressed the applicable CVE. Vulnerability Details CVEID:CVE-2020-25649 DESCRIPTION:...

7.5CVSS7.5AI score0.17611EPSS
Exploits0Affected Software1
OSV
OSV
added 2022/11/14 8:15 p.m.10 views

CVE-2022-34317

IBM CICS TX 11.1 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 229459...

5.4CVSS5.4AI score0.00493EPSS
Exploits0References3
OSV
OSV
added 2022/11/14 7:15 p.m.7 views

CVE-2022-34316

IBM CICS TX 11.1 does not neutralize or incorrectly neutralizes web scripting syntax in HTTP headers that can be used by web browser components that can process raw headers. IBM X-Force ID: 229452...

5.3CVSS5.8AI score0.00642EPSS
Exploits0References3
Rows per page
Query Builder