What is CVE-2023-33849?

CVE-2023-33849 is a low-severity vulnerability in Ibm Cics Tx Advanced, classified under Missing Encryption of Sensitive Data. CVSS score: 3.7/10. Published 2023-06-07.

How severe is CVE-2023-33849?

Low severity. CVSS v3 base score is 3.7 out of 10.

Vulnerability in Ibm Cics Tx Advanced

CVE-2023-33849

IBM TXSeries for Multiplatforms 8.1, 8.2, 9.1, CICS TX Standard, 11.1, CICS TX Advanced 10.1, and 11.1 could transmit sensitive information in query parameters that could be intercepted using man in the middle techniques. IBM X-Force ID…

EPSS: 0.000 (14.8th percentile) — read the EPSS interpretation.

CVSS v3 metric

CVSS v3 base score 3.7 (Low). Vector: CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N.

Affected products

Ibm Cics Tx Advanced — versions 10.1, 11.1
Ibm Cics Tx Standard — versions 11.1
Ibm Txseries For Multiplatforms — versions 8.1, 8.2, 9.1

Weakness classification (CWE)

CWE-311 — Missing Encryption of Sensitive Data

References

exchange.xforce.ibmcloud.com/vulnerabilities/257105 (vdb-entry)
www.ibm.com/support/pages/node/7001687 (vendor-advisory)
www.ibm.com/support/pages/node/7001697 (vendor-advisory)
www.ibm.com/support/pages/node/7001695 (vendor-advisory)

Frequently asked questions

What is CVE-2023-33849?: CVE-2023-33849 is a low-severity vulnerability in Ibm Cics Tx Advanced, classified under Missing Encryption of Sensitive Data. CVSS score: 3.7/10. Published 2023-06-07.
How severe is CVE-2023-33849?: Low severity. CVSS v3 base score is 3.7 out of 10.