CVE-2023-33849 – IBM CICS TX information disclosure
https://notcve.org/view.php?id=CVE-2023-33849
IBM TXSeries for Multiplatforms 8.1, 8.2, 9.1, CICS TX Standard, 11.1, CICS TX Advanced 10.1, and 11.1 could transmit sensitive information in query parameters that could be intercepted using man in the middle techniques. IBM X-Force ID: 257105. • https://exchange.xforce.ibmcloud.com/vulnerabilities/257105 https://www.ibm.com/support/pages/node/7001687 https://www.ibm.com/support/pages/node/7001695 https://www.ibm.com/support/pages/node/7001697 • CWE-311: Missing Encryption of Sensitive Data •
CVE-2023-33848 – IBM CICS TX information disclosure
https://notcve.org/view.php?id=CVE-2023-33848
IBM TXSeries for Multiplatforms 8.1, 8.2, 9.1, CICS TX Standard, 11.1, CICS TX Advanced 10.1, and 11.1 could allow a privileged user to obtain highly sensitive information by enabling debug mode. IBM X-Force ID: 257104. • https://exchange.xforce.ibmcloud.com/vulnerabilities/257104 https://www.ibm.com/support/pages/node/7001647 https://www.ibm.com/support/pages/node/7001681 https://www.ibm.com/support/pages/node/7001683 • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •