Insufficiently protected credentials in CICS Transaction Gateway

#VU88898 Insufficiently protected credentials in CICS Transaction Gateway

Published: 2024-04-23

Vulnerability identifier: #VU88898

Vulnerability risk: Low

CVSSv3.1: 4.3 [CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C]

CVE-ID: CVE-2023-50310

CWE-ID: CWE-522

Exploitation vector: Network

Exploit availability: No

Vulnerable software:
CICS Transaction Gateway
Server applications / Other server solutions

Vendor: IBM Corporation

Description

The vulnerability allows a remote privileged user to gain access to other users' credentials.

The vulnerability exists due to IBM CICS Transaction Gateway transmits or stores authentication credentials using insecure method that is susceptible to unauthorized interception and/or retrieval. A remote privileged user can view contents of the configuration file and gain access to passwords for 3rd party integration.

Mitigation
Install updates from vendor's website.

Vulnerable software versions

CICS Transaction Gateway: 9.0.0.2 - 9.3.0.0

External links
http://www.ibm.com/support/pages/node/7145418

Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote authenticated privileged user via the Internet.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

Latest bulletins with this vulnerability

Multiple vulnerabilities in IBM CICS Transaction Gateway for Multiplatforms