← Back

CVE-2023-33849

nvd nist
Published: Jun 7, 2023Modified: Nov 21, 2024

JSON object

Loading...
3.7
Vector
CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N
Exploitability: 2.2 / Impact: 1.4
Source: NVD

Description

IBM TXSeries for Multiplatforms 8.1, 8.2, 9.1, CICS TX Standard, 11.1, CICS TX Advanced 10.1, and 11.1 could transmit sensitive information in query parameters that could be intercepted using man in the middle techniques. IBM X-Force ID: 257105.

Affected (6)

Ibm
2 products
Cics Tx
Txseries For Multiplatforms
Configuration A
3 vulnerable
Vulnerable SoftwareAffected Versions
Ibm
Cics Tx
Version 10.1
Cics Tx
Version 11.1
Cics Tx
Version 11.1
Configuration B
2 vulnerable
Vulnerable SoftwareAffected Versions
Ibm
Txseries For Multiplatforms
Version 8.1
Txseries For Multiplatforms
Version 9.1
Configuration C
1 vulnerable · 3 platform
Vulnerable SoftwareAffected Versions
Txseries For Multiplatforms
Version 8.2
Running on/withPlatform Versions
Hp
Hp Ux
All versions
Ibm
Aix
All versions
Linux
Linux Kernel
All versions

Related CWEs

CWE-311
Missing Encryption of Sensitive Data
The product does not encrypt sensitive or critical information before storage or transmission.

References (8)

Source: psirt@us.ibm.com
VDB EntryVendor Advisory
Source: psirt@us.ibm.com
Vendor Advisory
Source: psirt@us.ibm.com
Vendor Advisory
Source: psirt@us.ibm.com
Vendor Advisory
Source: af854a3a-2127-422b-91ae-364da2661108
VDB EntryVendor Advisory
Source: af854a3a-2127-422b-91ae-364da2661108
Vendor Advisory
Source: af854a3a-2127-422b-91ae-364da2661108
Vendor Advisory
Source: af854a3a-2127-422b-91ae-364da2661108
Vendor Advisory

Timeline

No history available yet.