CVSS: 3.7EPSS: 0%CPEs: 12EXPL: 0CVE-2023-33849 – IBM CICS TX information disclosure
https://notcve.org/view.php?id=CVE-2023-33849
07 Jun 2023 — IBM TXSeries for Multiplatforms 8.1, 8.2, 9.1, CICS TX Standard, 11.1, CICS TX Advanced 10.1, and 11.1 could transmit sensitive information in query parameters that could be intercepted using man in the middle techniques. IBM X-Force ID: 257105. • https://exchange.xforce.ibmcloud.com/vulnerabilities/257105 • CWE-311: Missing Encryption of Sensitive Data •
CVSS: 6.8EPSS: 0%CPEs: 12EXPL: 0CVE-2023-33848 – IBM CICS TX information disclosure
https://notcve.org/view.php?id=CVE-2023-33848
07 Jun 2023 — IBM TXSeries for Multiplatforms 8.1, 8.2, 9.1, CICS TX Standard, 11.1, CICS TX Advanced 10.1, and 11.1 could allow a privileged user to obtain highly sensitive information by enabling debug mode. IBM X-Force ID: 257104. • https://exchange.xforce.ibmcloud.com/vulnerabilities/257104 • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •
CVSS: 10.0EPSS: 0%CPEs: 3EXPL: 0CVE-2022-31767
https://notcve.org/view.php?id=CVE-2022-31767
24 Jun 2022 — IBM CICS TX Standard and Advanced 11.1 could allow a remote attacker to execute arbitrary commands on the system by sending a specially crafted request. IBM X-Force ID: 227980. IBM CICS TX Standard y Advanced versión 11.1, podría permitir a un atacante remoto ejecutar comandos arbitrarios en el sistema mediante el envío de una petición especialmente diseñada. IBM X-Force ID: 227980 • https://exchange.xforce.ibmcloud.com/vulnerabilities/227980 • CWE-78: Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') •