Vulnerabilities > IBM > Cics TX

DATE CVE VULNERABILITY TITLE RISK
2022-08-01 CVE-2022-34162 Improper Restriction of Rendered UI Layers or Frames vulnerability in IBM Cics TX 11.1
IBM CICS TX 11.1 could allow a remote attacker to hijack the clicking action of the victim.
network
low complexity
ibm CWE-1021
6.1
2022-08-01 CVE-2022-34163 Cross-site Scripting vulnerability in IBM Cics TX 11.1
IBM CICS TX 11.1 is vulnerable to HTTP header injection, caused by improper validation of input by the HOST headers.
network
low complexity
ibm CWE-79
6.1
2022-08-01 CVE-2022-34164 Improper Input Validation vulnerability in IBM Cics TX 11.1
IBM CICS TX 11.1 could allow a local user to impersonate another legitimate user due to improper input validation.
local
low complexity
ibm CWE-20
5.5
2022-08-01 CVE-2022-34307 Missing Encryption of Sensitive Data vulnerability in IBM Cics TX 11.1
IBM CICS TX 11.1 does not set the secure attribute on authorization tokens or session cookies.
network
low complexity
ibm CWE-311
4.3
2022-07-08 CVE-2022-34160 Cross-site Scripting vulnerability in IBM Cics TX 11.1
IBM CICS TX Standard and Advanced 11.1 is vulnerable to HTML injection.
network
low complexity
ibm CWE-79
5.4
2022-07-08 CVE-2022-34166 Cross-site Scripting vulnerability in IBM Cics TX 11.1
IBM CICS TX Standard and Advanced 11.1 is vulnerable to cross-site scripting.
network
low complexity
ibm CWE-79
5.4
2022-07-08 CVE-2022-34167 Cross-site Scripting vulnerability in IBM Cics TX 11.1
IBM CICS TX Standard and Advanced 11.1 is vulnerable to stored cross-site scripting.
network
low complexity
ibm CWE-79
5.4
2022-07-08 CVE-2022-34306 Cross-site Scripting vulnerability in IBM Cics TX 11.1
IBM CICS TX Standard and Advanced 11.1 is vulnerable to HTTP header injection, caused by improper validation of input by the HOST headers.
network
low complexity
ibm CWE-79
5.4
2022-06-24 CVE-2022-31767 OS Command Injection vulnerability in IBM Cics TX 11.1
IBM CICS TX Standard and Advanced 11.1 could allow a remote attacker to execute arbitrary commands on the system by sending a specially crafted request.
network
low complexity
ibm CWE-78
critical
9.8