Vulnerabilities > IBM > Cics TX

DATE CVE VULNERABILITY TITLE RISK
2023-11-18 CVE-2023-38361 Use of a Broken or Risky Cryptographic Algorithm vulnerability in IBM Cics TX 10.1
IBM CICS TX Advanced 10.1 uses weaker than expected cryptographic algorithms that could allow an attacker to decrypt highly sensitive information.
network
low complexity
ibm CWE-327
7.5
2023-11-13 CVE-2023-38363 Unspecified vulnerability in IBM Cics TX 10.1
IBM CICS TX Advanced 10.1 does not set the secure attribute on authorization tokens or session cookies.
network
low complexity
ibm
4.3
2023-11-13 CVE-2023-38364 Cross-site Scripting vulnerability in IBM Cics TX 10.1
IBM CICS TX Advanced 10.1 is vulnerable to cross-site scripting.
network
low complexity
ibm CWE-79
6.1
2023-11-03 CVE-2023-42027 Cross-Site Request Forgery (CSRF) vulnerability in IBM Cics TX and Txseries for Multiplatforms
IBM CICS TX Standard 11.1, Advanced 10.1, 11.1, and TXSeries for Multiplatforms 8.1, 8.2, 9.1 are vulnerable to cross-site request forgery which could allow an attacker to execute malicious and unauthorized actions transmitted from a user that the website trusts.
network
low complexity
ibm CWE-352
8.8
2023-11-03 CVE-2023-42029 Cross-site Scripting vulnerability in IBM Cics TX and Txseries for Multiplatforms
IBM CICS TX Standard 11.1, Advanced 10.1, 11.1, and TXSeries for Multiplatforms 8.1, 8.2, 9.1 are vulnerable to cross-site scripting.
network
low complexity
ibm CWE-79
5.4
2023-11-03 CVE-2023-43018 Improper Privilege Management vulnerability in IBM Cics TX 10.1/11.1
IBM CICS TX Standard 11.1 and Advanced 10.1, 11.1 performs an operation at a privilege level that is higher than the minimum level required, which creates new weaknesses or amplifies the consequences of other weaknesses.
network
low complexity
ibm CWE-269
7.5
2023-10-25 CVE-2023-42031 Resource Exhaustion vulnerability in IBM Cics TX and Txseries for Multiplatforms
IBM TXSeries for Multiplatforms, 8.1, 8.2, and 9.1, CICS TX Standard CICS TX Advanced 10.1 and 11.1 could allow a privileged user to cause a denial of service due to uncontrolled resource consumption.
network
low complexity
ibm CWE-400
4.9
2023-08-22 CVE-2023-33850 Information Exposure Through Discrepancy vulnerability in IBM Cics TX and Txseries for Multiplatform
IBM GSKit-Crypto could allow a remote attacker to obtain sensitive information, caused by a timing-based side channel in the RSA Decryption implementation.
network
low complexity
ibm CWE-203
7.5
2023-06-08 CVE-2023-33846 Cross-site Scripting vulnerability in IBM Cics TX and Txseries for Multiplatform
IBM TXSeries for Multiplatforms 8.1, 8.2, 9.1, CICS TX Standard, 11.1, CICS TX Advanced 10.1, and 11.1 is vulnerable to cross-site scripting.
network
low complexity
ibm CWE-79
5.4
2023-06-08 CVE-2023-33847 Unspecified vulnerability in IBM Cics TX and Txseries for Multiplatform
IBM TXSeries for Multiplatforms 8.1, 8.2, 9.1, CICS TX Standard, 11.1, CICS TX Advanced 10.1, and 11.1 does not set the secure attribute on authorization tokens or session cookies.
network
high complexity
ibm
3.1