Weaker Cryptographic Algorithms in IBM CICS TX Standard and Advanced 11.1 Could Leave Sensitive Information Vulnerable to Decryption
CVE-2022-34309

5.9MEDIUM

Key Information:

Vendor
IBM
Status
Cics Tx Standard
Cics Tx Advanced
Vendor
CVE Published:
12 February 2024

Summary

IBM CICS TX Standard and Advanced 11.1 has been identified with vulnerabilities stemming from the use of cryptographic algorithms that do not meet expected security standards. These weaknesses may allow attackers to decrypt sensitive information, posing a risk to data integrity. Organizations utilizing these IBM products are encouraged to review their security configurations and implement stronger cryptographic measures to safeguard against unauthorized data access.

Affected Version(s)

CICS TX Advanced 11.1

CICS TX Standard 11.1

References

https://www.ibm.com/support/pages/node/6832814
vendor-advisory
https://www.ibm.com/support/pages/node/6832918
vendor-advisory
https://exchange.xforce.ibmcloud.com/vulnerabilities/229440
vdb-entry

CVSS V3.1

Score:
5.9
Severity:
MEDIUM
Confidentiality:
High
Integrity:
None
Availability:
High
Attack Vector:
Network
Attack Complexity:
High
Privileges Required:
None
User Interaction:
None
Scope:
Unchanged

Timeline

  • Vulnerability published

  • Vulnerability Reserved

.