IBM CICS Transaction Gateway Vulnerability: Authentication Credentials at Risk

CVE-2023-50310

7.5HIGH

Key Information

Vendor: IBM
Status: Cics Transaction Gateway For Multiplatforms
Vendor: CVE Published:; 23 October 2024

Summary

IBM CICS Transaction Gateway for Multiplatforms 9.2 and 9.3 transmits or stores authentication credentials, but it uses an insecure method that is susceptible to unauthorized interception and/or retrieval.

Affected Version(s)

CICS Transaction Gateway for Multiplatforms = 9.2, 9.3

CVSS V3.1

Score:

7.5

Severity:

HIGH

Confidentiality:

High

Integrity:

None

Availability:

None

Attack Vector:

Network

Attack Complexity:

Low

Privileges Required:

None

User Interaction:

None

Scope:

Unchanged

Timeline

Vulnerability published.
Oct 23, 2024
Vulnerability Reserved.
Dec 7, 2023

Collectors

NVD DatabaseMitre Database