CVE-2023-50310

Published: Oct 23, 2024Modified: Nov 5, 2024

7.5

Vector

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

Exploitability: 3.9 / Impact: 3.6

Source: NVD

Description

IBM CICS Transaction Gateway for Multiplatforms 9.2 and 9.3 transmits or stores authentication credentials, but it uses an insecure method that is susceptible to unauthorized interception and/or retrieval.

Affected (2)

Products: Ibm: Cics Transaction Gateway

Ibm

1 product

Cics Transaction Gateway

Configuration A

2 vulnerable

Vulnerable Software	Affected Versions
Ibm Cics Transaction Gateway	Version 9.2
Ibm Cics Transaction Gateway	Version 9.3

Related CWEs

CWE-522

Insufficiently Protected Credentials

The product transmits or stores authentication credentials, but it uses an insecure method that is susceptible to unauthorized interception and/or retrieval.

References (1)

https://www.ibm.com/support/pages/node/7145418

Source: psirt@us.ibm.com

Vendor Advisory

Timeline

No history available yet.