CVE-2023-33849

IBM CICS TX information disclosure

CVSS 3.7 LOWEPSS 0.4%CWE-311

Vexday Risk Score

8Baixo

Decisão SSVC (CISA)

Track

Sem sinal de exploração → monitorar

CVSS 3.7EPSS 0.4%KEV nãoPoC —Nuclei —Metasploit —Patch referenciado

Ciclo de vida

07 jun 2023Publicada no NVD

Recomendação: Monitorar — sem sinal de exploração no momento.

IBM TXSeries for Multiplatforms 8.1, 8.2, 9.1, CICS TX Standard, 11.1, CICS TX Advanced 10.1, and 11.1 could transmit sensitive information in query parameters that could be intercepted using man in the middle techniques. IBM X-Force ID: 257105.

CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N

Produtos afetados

IBM · CICS TX Advanced IBM · CICS TX Standard IBM · TXSeries for Multiplatforms

Quer saber se a sua infraestrutura está exposta a isto?

Falar com a TrueHacking →

Referências

https://exchange.xforce.ibmcloud.com/vulnerabilities/257105 https://www.ibm.com/support/pages/node/7001687 https://www.ibm.com/support/pages/node/7001695 https://www.ibm.com/support/pages/node/7001697