CVE-2023-50310

IBM CICS Transaction Gateway for Multiplatforms 9.2 and 9.3 transmits or stores authentication credentials, but it uses an insecure method that is susceptible to unauthorized interception and/or retrieval.
References
Link Resource
https://www.ibm.com/support/pages/node/7145418 Vendor Advisory
Configurations

Configuration 1 (hide)

OR cpe:2.3:a:ibm:cics_transaction_gateway:9.2:*:*:*:*:multiplatforms:*:*
cpe:2.3:a:ibm:cics_transaction_gateway:9.3:*:*:*:*:multiplatforms:*:*

History

05 Nov 2024, 16:40

Type Values Removed Values Added
CPE cpe:2.3:a:ibm:cics_transaction_gateway:9.2:*:*:*:*:multiplatforms:*:*
cpe:2.3:a:ibm:cics_transaction_gateway:9.3:*:*:*:*:multiplatforms:*:*
References () https://www.ibm.com/support/pages/node/7145418 - () https://www.ibm.com/support/pages/node/7145418 - Vendor Advisory
First Time Ibm cics Transaction Gateway
Ibm
CVSS v2 : unknown
v3 : 4.9
v2 : unknown
v3 : 7.5

23 Oct 2024, 15:12

Type Values Removed Values Added
Summary
  • (es) IBM CICS Transaction Gateway for Multiplatforms 9.2 y 9.3 transmite o almacena credenciales de autenticación, pero utiliza un método inseguro que es susceptible a la interceptación y/o recuperación no autorizadas.

23 Oct 2024, 11:15

Type Values Removed Values Added
New CVE

Information

Published : 2024-10-23 11:15

Updated : 2024-11-05 16:40


NVD link : CVE-2023-50310

Mitre link : CVE-2023-50310

CVE.ORG link : CVE-2023-50310


JSON object : View

Products Affected

ibm

  • cics_transaction_gateway
CWE
CWE-522

Insufficiently Protected Credentials