Vulnerability in Ibm Cics Tx
CVE-2022-34316
IBM CICS TX 11.1 does not neutralize or incorrectly neutralizes web scripting syntax in HTTP headers that can be used by web browser components that can process raw headers. IBM X-Force ID: 229452.
EPSS: 0.006 (46.1th percentile) — read the EPSS interpretation.
CVSS v3 metric
CVSS v3 base score 3.7 (Low). Vector: CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N.
Affected products
- Ibm Cics Tx — versions 11.1
- Ibm Cics_tx — versions 11.1
Weakness classification (CWE)
References
- psirt@us.ibm.com (vendor-advisory, Patch, Vendor Advisory)
- psirt@us.ibm.com (vendor-advisory, Patch, Vendor Advisory)
- psirt@us.ibm.com (VDB Entry, vdb-entry)
Frequently asked questions
- What is CVE-2022-34316?
- CVE-2022-34316 is a low-severity vulnerability in Ibm Cics Tx, classified under Improper Neutralization of HTTP Headers for Scripting Syntax. CVSS score: 3.7/10. Published 2022-11-14.
- How severe is CVE-2022-34316?
- Low severity. CVSS v3 base score is 3.7 out of 10.