IBM CICS Transaction Gateway Vulnerability: Authentication Credentials at Risk
CVE-2023-50310
7.5HIGH
Key Information:
- Vendor
- IBM
- Vendor
- CVE Published:
- 23 October 2024
Summary
The vulnerability associated with IBM CICS Transaction Gateway for Multiplatforms versions 9.2 and 9.3 relates to the insecure transmission and storage of authentication credentials. This method puts user data at risk as it can be intercepted or retrieved by unauthorized entities. By failing to implement secure practices in handling sensitive information, the gateway exposes systems to potential breaches and attacks, necessitating immediate attention to ensure robust security measures are implemented.
Affected Version(s)
CICS Transaction Gateway for Multiplatforms 9.2, 9.3
References
CVSS V3.1
Score:
7.5
Severity:
HIGH
Confidentiality:
High
Integrity:
None
Availability:
High
Attack Vector:
Network
Attack Complexity:
Low
Privileges Required:
None
User Interaction:
None
Scope:
Unchanged
Timeline
Vulnerability published
Vulnerability Reserved