CVSS: 6.1EPSS: 0%CPEs: 2EXPL: 0CVE-2023-50311 – IBM CICS Transaction Gateway for Multiplatforms information disclosure
https://notcve.org/view.php?id=CVE-2023-50311
31 Mar 2024 — IBM CICS Transaction Gateway for Multiplatforms 9.2 and 9.3 transmits or stores authentication credentials, but it uses an insecure method that is susceptible to unauthorized interception and/or retrieval. IBM X-Force ID: 273612. IBM CICS Transaction Gateway for Multiplatforms 9.2 y 9.3 transmite o almacena credenciales de autenticación, pero utiliza un método inseguro que es susceptible de interceptación y/o recuperación no autorizada. ID de IBM X-Force: 273612. IBM CICS Transaction Gateway for Multiplatfo... • https://exchange.xforce.ibmcloud.com/vulnerabilities/273612 • CWE-522: Insufficiently Protected Credentials •
CVSS: 8.5EPSS: 0%CPEs: 1EXPL: 0CVE-2023-47140 – IBM CICS Transaction Gateway improper access controls
https://notcve.org/view.php?id=CVE-2023-47140
08 Jan 2024 — IBM CICS Transaction Gateway 9.3 could allow a user to transfer or view files due to improper access controls. IBM X-Force ID: 270259. IBM CICS Transaction Gateway 9.3 podría permitir a un usuario transferir o ver archivos debido a controles de acceso inadecuados. ID de IBM X-Force: 270259. IBM CICS Transaction Gateway 9.3 could allow a user to transfer or view files due to improper access controls. • https://exchange.xforce.ibmcloud.com/vulnerabilities/270259 • CWE-266: Incorrect Privilege Assignment •