CVE-2023-50311

Опубликовано: 31 мар. 2024

Источник: nvd

CVSS3: 3.1

CVSS3: 4.9

EPSS Низкий

Описание

IBM CICS Transaction Gateway for Multiplatforms 9.2 and 9.3 could disclose sensitive path information to an attacker that could reveal through debugging or error messages.

Ссылки

https://https://www.ibm.com/support/pages/node/7145418
Vendor Advisory
https://exchange.xforce.ibmcloud.com/vulnerabilities/273612
https://https://www.ibm.com/support/pages/node/7145418
Vendor Advisory

Уязвимые конфигурации

Конфигурация 1

Одно из

cpe:2.3:a:ibm:cics_transaction_gateway:9.2:*:*:*:*:multiplatforms:*:*

cpe:2.3:a:ibm:cics_transaction_gateway:9.3:*:*:*:*:multiplatforms:*:*

EPSS

Процентиль: 17%

0.00053

Низкий

3.1 Low

CVSS3

4.9 Medium

CVSS3

Дефекты

CWE-522

Связанные уязвимости

GHSA-cjxj-mgrm-h6pj

CVSS3: 4.9

github

почти 2 года назад

IBM CICS Transaction Gateway for Multiplatforms 9.2 and 9.3 transmits or stores authentication credentials, but it uses an insecure method that is susceptible to unauthorized interception and/or retrieval. IBM X-Force ID: 273612.

EPSS

Процентиль: 17%

0.00053

Низкий

3.1 Low

CVSS3

4.9 Medium

CVSS3

Дефекты

CWE-522