2 results (0.004 seconds)

CVSS: 4.9EPSS: 0%CPEs: 2EXPL: 0

CVE-2023-50311 – IBM CICS Transaction Gateway for Multiplatforms information disclosure

https://notcve.org/view.php?id=CVE-2023-50311

IBM CICS Transaction Gateway for Multiplatforms 9.2 and 9.3 transmits or stores authentication credentials, but it uses an insecure method that is susceptible to unauthorized interception and/or retrieval. IBM X-Force ID: 273612. IBM CICS Transaction Gateway for Multiplatforms 9.2 y 9.3 transmite o almacena credenciales de autenticación, pero utiliza un método inseguro que es susceptible de interceptación y/o recuperación no autorizada. ID de IBM X-Force: 273612. IBM CICS Transaction Gateway for Multiplatforms 9.2 and 9.3 could disclose sensitive path information to an attacker that could reveal through debugging or error messages. • https://exchange.xforce.ibmcloud.com/vulnerabilities/273612 https://https://www.ibm.com/support/pages/node/7145418 • CWE-522: Insufficiently Protected Credentials •

CVSS: 8.1EPSS: 0%CPEs: 1EXPL: 0

CVE-2023-47140 – IBM CICS Transaction Gateway improper access controls

https://notcve.org/view.php?id=CVE-2023-47140

IBM CICS Transaction Gateway 9.3 could allow a user to transfer or view files due to improper access controls. IBM X-Force ID: 270259. IBM CICS Transaction Gateway 9.3 podría permitir a un usuario transferir o ver archivos debido a controles de acceso inadecuados. ID de IBM X-Force: 270259. IBM CICS Transaction Gateway 9.3 could allow a user to transfer or view files due to improper access controls. • https://exchange.xforce.ibmcloud.com/vulnerabilities/270259 https://https://www.ibm.com/support/pages/node/7105094 https://www.ibm.com/support/pages/node/7105094 • CWE-266: Incorrect Privilege Assignment •