CVE-2023-33849

Published Jun 7, 2023

Last updated a year ago

CVSS low 3.7

Overview

Description: IBM TXSeries for Multiplatforms 8.1, 8.2, 9.1, CICS TX Standard, 11.1, CICS TX Advanced 10.1, and 11.1 could transmit sensitive information in query parameters that could be intercepted using man in the middle techniques. IBM X-Force ID: 257105.
Source: psirt@us.ibm.com
NVD status: Analyzed

Risk scores

CVSS 3.1

Type: Primary
Base score: 3.7
Impact score: 1.4
Exploitability score: 2.2
Vector string: CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N
Severity: LOW

Weaknesses

nvd@nist.gov: CWE-311
psirt@us.ibm.com: CWE-311

Hype score: Not currently trending

Configurations

[
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:a:ibm:cics_tx:10.1:*:*:*:advanced:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "73BBDE39-E8CF-416C-838D-046ADDA011F8"
          },
          {
            "criteria": "cpe:2.3:a:ibm:cics_tx:11.1:*:*:*:advanced:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "A9D7FDA3-EE60-453B-8651-686B9D28071F"
          },
          {
            "criteria": "cpe:2.3:a:ibm:cics_tx:11.1:*:*:*:standard:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "66EEC046-128D-4555-8C9A-3C02300145B5"
          }
        ],
        "operator": "OR"
      },
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "703AF700-7A70-47E2-BC3A-7FD03B3CA9C1"
          }
        ],
        "operator": "OR"
      }
    ],
    "operator": "AND"
  },
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:a:ibm:txseries_for_multiplatforms:8.1:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "498DF94F-3427-4F7C-80CB-F9526C4D47AB"
          },
          {
            "criteria": "cpe:2.3:a:ibm:txseries_for_multiplatforms:9.1:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "EDF0F0BC-8964-4812-A5E6-0D1C1317E8D2"
          }
        ],
        "operator": "OR"
      },
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:o:ibm:aix:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "E492C463-D76E-49B7-A4D4-3B499E422D89"
          },
          {
            "criteria": "cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "703AF700-7A70-47E2-BC3A-7FD03B3CA9C1"
          }
        ],
        "operator": "OR"
      }
    ],
    "operator": "AND"
  },
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:a:ibm:txseries_for_multiplatforms:8.2:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "B27A342F-6BF8-45E7-9711-7C329DE8FC9C"
          }
        ],
        "operator": "OR"
      },
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:o:hp:hp-ux:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "F480AA32-841A-4E68-9343-B2E7548B0A0C"
          },
          {
            "criteria": "cpe:2.3:o:ibm:aix:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "E492C463-D76E-49B7-A4D4-3B499E422D89"
          },
          {
            "criteria": "cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "703AF700-7A70-47E2-BC3A-7FD03B3CA9C1"
          }
        ],
        "operator": "OR"
      }
    ],
    "operator": "AND"
  }
]

Overview

Risk scores

CVSS 3.1

Weaknesses

Social media

Configurations

References