Vulnerabilities > IBM > Cics TX

DATE CVE VULNERABILITY TITLE RISK
2022-11-14 CVE-2022-34315 Cross-site Scripting vulnerability in IBM Cics TX 11.1
IBM CICS TX 11.1 is vulnerable to cross-site scripting.
network
low complexity
ibm CWE-79
5.4
5.4
2022-11-14 CVE-2022-34316 Improper Encoding or Escaping of Output vulnerability in IBM Cics TX 11.1
IBM CICS TX 11.1 does not neutralize or incorrectly neutralizes web scripting syntax in HTTP headers that can be used by web browser components that can process raw headers.
network
low complexity
ibm CWE-116
5.3
5.3
2022-11-14 CVE-2022-34312 Insecure Storage of Sensitive Information vulnerability in IBM Cics TX 11.1
IBM CICS TX 11.1 allows web pages to be stored locally which can be read by another user on the system.
local
low complexity
ibm CWE-922
3.3
3.3
2022-11-14 CVE-2022-34313 Unspecified vulnerability in IBM Cics TX 11.1
IBM CICS TX 11.1 does not set the secure attribute on authorization tokens or session cookies.
network
high complexity
ibm
3.1
3.1
2022-11-14 CVE-2022-34319 Use of a Broken or Risky Cryptographic Algorithm vulnerability in IBM Cics TX 11.7
IBM CICS TX 11.7 uses weaker than expected cryptographic algorithms that could allow an attacker to decrypt highly sensitive information.
network
low complexity
ibm CWE-327
7.5
7.5
2022-11-14 CVE-2022-34329 Unspecified vulnerability in IBM Cics TX 11.7
IBM CICS TX 11.7 could allow an attacker to obtain sensitive information from HTTP response headers.
network
low complexity
ibm
5.3
5.3
2022-11-14 CVE-2022-38705 Unspecified vulnerability in IBM Cics TX 11.1
IBM CICS TX 11.1 Standard and Advanced could allow a remote attacker to bypass security restrictions, caused by a reverse tabnabbing flaw.
network
low complexity
ibm
6.1
6.1
2022-10-07 CVE-2022-34308 Allocation of Resources Without Limits or Throttling vulnerability in IBM Cics TX 11.1
IBM CICS TX 11.1 could allow a local user to cause a denial of service due to improper load handling.
local
low complexity
ibm CWE-770
5.5
5.5
2022-08-01 CVE-2022-33955 OS Command Injection vulnerability in IBM Cics TX 11.1
IBM CICS TX 11.1 could allow allow an attacker with physical access to the system to execute code due using a back and refresh attack.
low complexity
ibm CWE-78
6.8
6.8
2022-08-01 CVE-2022-34161 Cross-Site Request Forgery (CSRF) vulnerability in IBM Cics TX 11.1
IBM CICS TX 11.1 is vulnerable to cross-site request forgery which could allow an attacker to execute malicious and unauthorized actions transmitted from a user that the website trusts.
network
low complexity
ibm CWE-352
8.8
8.8