CVE Catalog

CVE-2023-33849

LowCVSS 3.7
Published: Updated: Translated: NVD NIST

Exploitation Probability (EPSS)

Low risk
0.38%

30th percentile — higher than 30% of all known CVEs

Summary

IBM TXSeries for Multiplatforms versions 8.1, 8.2, 9.1, and CICS TX Standard and Advanced versions 10.1 and 11.1 may transmit sensitive information in query parameters that could be intercepted using man-in-the-middle techniques.

Risk Assessment

Intercepting sensitive data may lead to breaches of privacy and information security within the organization.

Recommendation

It is recommended to implement data transmission encryption and monitor network traffic to detect potential attacks.

Original NVD description (English source)

IBM TXSeries for Multiplatforms 8.1, 8.2, 9.1, CICS TX Standard, 11.1, CICS TX Advanced 10.1, and 11.1 could transmit sensitive information in query parameters that could be intercepted using man in the middle techniques. IBM X-Force ID: 257105.

Vulnerability data from NVD (NIST) · CISA KEV · EPSS