Note:
This project will be discontinued after December 13, 2021. [more]
Product:
Cics_tx
(Ibm)| Repositories |
Unknown: This might be proprietary software. |
| #Vulnerabilities | 45 |
| Date | Id | Summary | Products | Score | Patch | Annotated |
|---|---|---|---|---|---|---|
| 2024-11-01 | CVE-2024-41744 | IBM CICS TX Standard 11.1 is vulnerable to cross-site request forgery which could allow an attacker to execute malicious and unauthorized actions transmitted from a user that the website trusts. | Cics_tx | 8.8 | ||
| 2025-05-08 | CVE-2025-1329 | IBM CICS TX Standard 11.1 and IBM CICS TX Advanced 10.1 and 11.1 could allow a local user to execute arbitrary code on the system due to failure to handle DNS return requests by the gethostbyaddr function. | Cics_tx | 7.8 | ||
| 2025-05-08 | CVE-2025-1331 | IBM CICS TX Standard 11.1 and IBM CICS TX Advanced 10.1 and 11.1 could allow a local user to execute arbitrary code on the system due to the use of unsafe use of the gets function. | Cics_tx | 7.8 | ||
| 2025-05-08 | CVE-2025-1330 | IBM CICS TX Standard 11.1 and IBM CICS TX Advanced 10.1 and 11.1 could allow a local user to execute arbitrary code on the system due to failure to handle DNS return requests by the gethostbyname function. | Cics_tx | 7.8 | ||
| 2022-12-12 | CVE-2022-34318 | IBM CICS TX 11.1 could allow a remote attacker to hijack the clicking action of the victim. By persuading a victim to visit a malicious Web site, a remote attacker could exploit this vulnerability to hijack the victim's click actions and possibly launch further attacks against the victim. IBM X-Force ID: 229461. | Cics_tx | 6.1 | ||
| 2024-03-04 | CVE-2023-38362 | IBM CICS TX Advanced 10.1 could disclose sensitive information to a remote attacker due to observable discrepancy in HTTP responses. IBM X-Force ID: 260814. | Cics_tx | 5.3 | ||
| 2024-03-04 | CVE-2023-38360 | IBM CICS TX Advanced 10.1 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 260769. | Cics_tx | 6.1 | ||
| 2022-06-24 | CVE-2022-31767 | IBM CICS TX Standard and Advanced 11.1 could allow a remote attacker to execute arbitrary commands on the system by sending a specially crafted request. IBM X-Force ID: 227980. | Cics_tx | 9.8 | ||
| 2022-07-08 | CVE-2022-34160 | IBM CICS TX Standard and Advanced 11.1 is vulnerable to HTML injection. A remote attacker could inject malicious HTML code, which when viewed, would be executed in the victim's Web browser within the security context of the hosting site. IBM X-Force ID: 229330. | Cics_tx | 5.4 | ||
| 2022-07-08 | CVE-2022-34166 | IBM CICS TX Standard and Advanced 11.1 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 229430. | Cics_tx | 5.4 |