Multiple vulnerabilities in IBM CICS TX



Published: 2022-11-21 | Updated: 2022-11-21
Risk Low
Patch available NO
Number of vulnerabilities 4
CVE-ID CVE-2022-34318
CVE-2022-34312
CVE-2022-34319
CVE-2022-34313
CWE-ID CWE-16
CWE-200
CWE-327
CWE-614
Exploitation vector Network
Public exploit N/A
Vulnerable software
Subscribe
IBM CICS TX Advanced
Universal components / Libraries / Software for developers

IBM CICS TX Standard
Universal components / Libraries / Software for developers

Vendor

Security Bulletin

This security bulletin contains information about 4 vulnerabilities.

1) Configuration

EUVDB-ID: #VU69437

Risk: Low

CVSSv3.1:

CVE-ID: CVE-2022-34318

CWE-ID: CWE-16 - Configuration

Exploit availability: No

Description

The vulnerability allows a remote attacker to perform clickjacking attack.

The vulnerability exists due to application does not set necessary HTTP headers to protect itself against clickjacking attacks. A remote attacker can trick the victim into visiting a malicious website and hijacking the clicking action of the victim.

Mitigation

Install updates from vendor's website.

Vulnerable software versions

IBM CICS TX Advanced: before 11.1.0.0 ifix5

IBM CICS TX Standard: before 11.1.0.0 ifix5


CPE2.3
External links

http://www.ibm.com/support/pages/node/6833188
http://www.ibm.com/support/pages/node/6833186
http://exchange.xforce.ibmcloud.com/vulnerabilities/229461

Q & A

Can this vulnerability be exploited remotely?

Is there known malware, which exploits this vulnerability?

2) Information disclosure

EUVDB-ID: #VU69433

Risk: Low

CVSSv3.1:

CVE-ID: CVE-2022-34312

CWE-ID: CWE-200 - Information Exposure

Exploit availability: No

Description

The vulnerability allows a local user to gain access to potentially sensitive information.

The vulnerability exists due to IBM CICS TX allows web pages to be stored locally in an insecure manner. A local user can access stored web pages.

Mitigation

Install updates from vendor's website.

Vulnerable software versions

IBM CICS TX Standard: before 11.1.0.0 ifix5

IBM CICS TX Advanced: before 11.1.0.0 ifix5


CPE2.3
External links

http://www.ibm.com/support/pages/node/6833156
http://exchange.xforce.ibmcloud.com/vulnerabilities/229447
http://www.ibm.com/support/pages/node/6833150

Q & A

Can this vulnerability be exploited remotely?

Is there known malware, which exploits this vulnerability?

3) Use of a broken or risky cryptographic algorithm

EUVDB-ID: #VU69434

Risk: Medium

CVSSv3.1:

CVE-ID: CVE-2022-34319

CWE-ID: CWE-327 - Use of a Broken or Risky Cryptographic Algorithm

Exploit availability: No

Description

The vulnerability allows a remote attacker to perform MitM attack.

The vulnerability exists due to IBM CICS TX uses weaker than expected cryptographic algorithms. A remote attacker can perform MitM attack.

Mitigation

Install updates from vendor's website.

Vulnerable software versions

IBM CICS TX Standard: before 11.1.0.0 ifix5

IBM CICS TX Advanced: before 11.1.0.0 ifix5


CPE2.3
External links

http://www.ibm.com/support/pages/node/6833192
http://www.ibm.com/support/pages/node/6833190
http://exchange.xforce.ibmcloud.com/vulnerabilities/229463

Q & A

Can this vulnerability be exploited remotely?

Is there known malware, which exploits this vulnerability?

4) Sensitive Cookie in HTTPS Session Without 'Secure' Attribute

EUVDB-ID: #VU69436

Risk: Low

CVSSv3.1:

CVE-ID: CVE-2022-34313

CWE-ID: CWE-614 - Sensitive Cookie in HTTPS Session Without 'Secure' Attribute

Exploit availability: No

Description

The vulnerability allows a remote attacker to obtain sensitive cookie values.

The vulnerability exists due to IBM CICS TX does not set the secure attribute on authorization tokens or session cookies. A remote attacker can trick the victim into visiting the web application via insecure HTTP protocol and intercept sensitive cookie values.

Mitigation

Install updates from vendor's website.

Vulnerable software versions

IBM CICS TX Standard: before 11.1.0.0 ifix5

IBM CICS TX Advanced: before 11.1.0.0 ifix5


CPE2.3
External links

http://www.ibm.com/support/pages/node/6833164
http://exchange.xforce.ibmcloud.com/vulnerabilities/229449
http://www.ibm.com/support/pages/node/6833158

Q & A

Can this vulnerability be exploited remotely?

Is there known malware, which exploits this vulnerability?



###SIDEBAR###