CVSS: 7.8EPSS: 0%CPEs: 2EXPL: 0CVE-2022-34320 – IBM CICS TX information disclosure
https://notcve.org/view.php?id=CVE-2022-34320
14 Nov 2022 — IBM CICS TX 11.1 uses weaker than expected cryptographic algorithms that could allow an attacker to decrypt highly sensitive information. IBM X-Force ID: 229464. IBM CICS TX 11.1 utiliza algoritmos criptográficos más débiles de lo esperado que podrían permitir a un atacante descifrar información altamente sensible. ID de IBM X-Force: 229464. • https://exchange.xforce.ibmcloud.com/vulnerabilities/229464 • CWE-327: Use of a Broken or Risky Cryptographic Algorithm •
CVSS: 5.5EPSS: 0%CPEs: 2EXPL: 0CVE-2022-34317 – IBM CICS TX cross-site scripting
https://notcve.org/view.php?id=CVE-2022-34317
14 Nov 2022 — IBM CICS TX 11.1 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 229459. IBM CICS TX 11.1 es vulnerable a cross-site scripting. Esta vulnerabilidad permite a los usuarios incrustar código JavaScript arbitrario en la interfaz de usuario web, alterando así la funcionalidad prevista, lo que podría conducir a la d... • https://exchange.xforce.ibmcloud.com/vulnerabilities/229459 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVSS: 6.4EPSS: 0%CPEs: 2EXPL: 0CVE-2022-34318 – IBM CICS TX clickjacking
https://notcve.org/view.php?id=CVE-2022-34318
14 Nov 2022 — IBM CICS TX 11.1 could allow a remote attacker to hijack the clicking action of the victim. By persuading a victim to visit a malicious Web site, a remote attacker could exploit this vulnerability to hijack the victim's click actions and possibly launch further attacks against the victim. IBM X-Force ID: 229461. IBM CICS TX 11.1 podría permitir a un atacante remoto secuestrar la acción de hacer clic de la víctima. Al persuadir a una víctima para que visite un sitio web malicioso, un atacante remoto podría a... • https://exchange.xforce.ibmcloud.com/vulnerabilities/229461 • CWE-1021: Improper Restriction of Rendered UI Layers or Frames •
CVSS: 5.3EPSS: 0%CPEs: 2EXPL: 0CVE-2022-34316 – IBM CICS TX information disclosure
https://notcve.org/view.php?id=CVE-2022-34316
14 Nov 2022 — IBM CICS TX 11.1 does not neutralize or incorrectly neutralizes web scripting syntax in HTTP headers that can be used by web browser components that can process raw headers. IBM X-Force ID: 229452. IBM CICS TX 11.1 no neutraliza o neutraliza incorrectamente la sintaxis de scripting web en encabezados HTTP que pueden utilizar los componentes del navegador web que pueden procesar encabezados sin formato. ID de IBM X-Force: 229452. • https://exchange.xforce.ibmcloud.com/vulnerabilities/229452 • CWE-116: Improper Encoding or Escaping of Output CWE-644: Improper Neutralization of HTTP Headers for Scripting Syntax •
CVSS: 4.0EPSS: 0%CPEs: 2EXPL: 0CVE-2022-34314
https://notcve.org/view.php?id=CVE-2022-34314
14 Nov 2022 — IBM CICS TX 11.1 could disclose sensitive information to a local user due to insecure permission settings. IBM X-Force ID: 229450. IBM CICS TX 11.1 podría revelar información sensible a un usuario local debido a una configuración de permisos insegura. ID de IBM X-Force: 229450. • https://exchange.xforce.ibmcloud.com/vulnerabilities/229450 • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor CWE-732: Incorrect Permission Assignment for Critical Resource •
CVSS: 5.5EPSS: 0%CPEs: 2EXPL: 0CVE-2022-34315 – IBM CICS TX cross-site scripting
https://notcve.org/view.php?id=CVE-2022-34315
14 Nov 2022 — IBM CICS TX 11.1 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 229451. IBM CICS TX 11.1 es vulnerable a cross-site scripting. Esta vulnerabilidad permite a los usuarios incrustar código JavaScript arbitrario en la interfaz de usuario web, alterando así la funcionalidad prevista, lo que podría conducir a la d... • https://exchange.xforce.ibmcloud.com/vulnerabilities/229451 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVSS: 6.4EPSS: 0%CPEs: 2EXPL: 0CVE-2022-38705 – IBM CICS TX phishing
https://notcve.org/view.php?id=CVE-2022-38705
14 Nov 2022 — IBM CICS TX 11.1 Standard and Advanced could allow a remote attacker to bypass security restrictions, caused by a reverse tabnabbing flaw. An attacker could exploit this vulnerability and redirect a victim to a phishing site. IBM X-Force ID: 234172. IBM CICS TX 11.1 Standard y Advanced podría permitir a un atacante remoto eludir las restricciones de seguridad, causadas por una falla de tabulación inversa. Un atacante podría aprovechar esta vulnerabilidad y redirigir a la víctima a un sitio de phishing. • https://exchange.xforce.ibmcloud.com/vulnerabilities/234172 •
CVSS: 4.0EPSS: 0%CPEs: 2EXPL: 0CVE-2022-34312 – IBM CICS TX information disclosure
https://notcve.org/view.php?id=CVE-2022-34312
14 Nov 2022 — IBM CICS TX 11.1 allows web pages to be stored locally which can be read by another user on the system. IBM X-Force ID: 229447. IBM CICS TX 11.1 permite que las páginas web se almacenen localmente y que otro usuario del sistema pueda leerlas. ID de IBM X-Force: 229447. • https://exchange.xforce.ibmcloud.com/vulnerabilities/229447 • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor CWE-922: Insecure Storage of Sensitive Information •
CVSS: 5.3EPSS: 0%CPEs: 2EXPL: 0CVE-2022-34329 – IBM CICS TX information disclosure
https://notcve.org/view.php?id=CVE-2022-34329
14 Nov 2022 — IBM CICS TX 11.7 could allow an attacker to obtain sensitive information from HTTP response headers. IBM X-Force ID: 229467. IBM CICS TX 11.7 podría permitir a un atacante obtener información sensible de los encabezados de respuesta HTTP. ID de IBM X-Force: 229467. • https://exchange.xforce.ibmcloud.com/vulnerabilities/229467 • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •
CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 0CVE-2022-34319 – IBM CICS TX information disclosure
https://notcve.org/view.php?id=CVE-2022-34319
14 Nov 2022 — IBM CICS TX 11.7 uses weaker than expected cryptographic algorithms that could allow an attacker to decrypt highly sensitive information. IBM X-Force ID: 229463. IBM CICS TX 11.7 utiliza algoritmos criptográficos más débiles de lo esperado que podrían permitir a un atacante descifrar información altamente sensible. ID de IBM X-Force: 229463. • https://exchange.xforce.ibmcloud.com/vulnerabilities/229463 • CWE-327: Use of a Broken or Risky Cryptographic Algorithm •