Description

IBM CICS TX 11.1 does not neutralize or incorrectly neutralizes web scripting syntax in HTTP headers that can be used by web browser components that can process raw headers. IBM X-Force ID: 229452.

Related CPE's

a

ibm

cics_tx

2

References

https://exchange.xforce.ibmcloud.com/vulnerabilities/229452

VDB Entry

https://www.ibm.com/support/pages/node/6833176

PatchVendor Advisory

https://www.ibm.com/support/pages/node/6833178

PatchVendor Advisory

https://exchange.xforce.ibmcloud.com/vulnerabilities/229452

VDB Entry

https://www.ibm.com/support/pages/node/6833176

PatchVendor Advisory

https://www.ibm.com/support/pages/node/6833178

PatchVendor Advisory

Weaknesses

[email protected]

Secondary
CWE-644

[email protected]

Primary
CWE-116

CVSS impact metrics

CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N

3.7 · Low

Information

Source identifier

[email protected]

Vulnerability status

Modified

Published

2022-11-14T18:15:13.383Z

3 years ago

Last modified

2024-11-21T06:09:17.103Z

1 year ago