Cross-Site Request Forgery in IBM CICS TX 11.1 Software
CVE-2022-34161

4.3MEDIUM

Key Information:

Vendor
IBM
Status
Cics Tx Advanced
Cics Tx Standard
Vendor
CVE Published:
1 August 2022

Summary

IBM CICS TX 11.1 contains a vulnerability allowing cross-site request forgery (CSRF). This weakness could enable attackers to execute unauthorized actions by manipulating trusted user credentials. Since the application may trust requests coming from legitimate users, potential malicious exploits could result in harmful impacts on the security of the application. Users are encouraged to implement security measures and patch the software to safeguard against this threat.

Affected Version(s)

CICS TX Advanced 11.1

CICS TX Standard 11.1

References

https://www.ibm.com/support/pages/node/6608192
x_refsource_CONFIRM
https://www.ibm.com/support/pages/node/6608194
x_refsource_CONFIRM
https://exchange.xforce.ibmcloud.com/vulnerabilities/229331
vdb-entryx_refsource_XF

CVSS V3.1

Score:
4.3
Severity:
MEDIUM
Confidentiality:
None
Integrity:
Low
Availability:
None
Attack Vector:
Network
Attack Complexity:
Low
Privileges Required:
None
User Interaction:
Required
Scope:
Unchanged

Timeline

  • Vulnerability published

  • Vulnerability Reserved

.