threat
engine
.sh
Back
·
··:··
Home
/
Product
/
ibm cics tx
Product
ibm cics tx
46 known vulnerabilities across versions
Vulnerabilities are listed by affected version. Select any CVE for the full briefing and its intelligence graph.
Sort
Newest first
Oldest first
Highest CVSS
Lowest CVSS
Min CVSS
Any
4.0+
7.0+ (High)
9.0+ (Critical)
Published since
Reset
CVE-2025-1331
all versions
IBM CICS TX Standard 11.1 and IBM CICS TX Advanced 10.1 and 11.1 could allow a local user to execute arbitrary code on the system
7.8
HIGH
CVE-2025-1330
all versions
IBM CICS TX Standard 11.1 and IBM CICS TX Advanced 10.1 and 11.1 could allow a local user to execute arbitrary code on the syste
7.8
HIGH
CVE-2025-1329
all versions
IBM CICS TX Standard 11.1 and IBM CICS TX Advanced 10.1 and 11.1 could allow a local user to execute arbitrary code on the system
7.8
HIGH
CVE-2024-41746
all versions
IBM CICS TX Advanced 10.1, 11.1, and Standard 11.1 is vulnerable to stored cross-site scripting. This vulnerability allows users t
7.2
HIGH
CVE-2024-41745
all versions
IBM CICS TX Standard is vulnerable to cross-site scripting. This vulnerability allows an unauthenticated attacker to embed arbitra
6.1
MEDIUM
CVE-2024-41744
all versions
IBM CICS TX Standard 11.1 is vulnerable to cross-site request forgery which could allow an attacker to execute malicious and unaut
6.5
MEDIUM
CVE-2023-38360
all versions
IBM CICS TX Advanced 10.1 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript cod
6.1
MEDIUM
CVE-2023-38362
all versions
IBM CICS TX Advanced 10.1 could disclose sensitive information to a remote attacker due to observable discrepancy in HTTP response
5.3
MEDIUM
CVE-2022-34311
all versions
IBM CICS TX Standard and Advanced 11.1 could allow a user with physical access to the web browser to gain access to the user's ses
4.3
MEDIUM
CVE-2022-34309
all versions
IBM CICS TX Standard and Advanced 11.1 uses weaker than expected cryptographic algorithms that could allow an attacker to decrypt
5.9
MEDIUM
CVE-2022-34310
< 11.1.0.0
IBM CICS TX Standard and Advanced 11.1 uses weaker than expected cryptographic algorithms that could allow an attacker to decrypt
5.9
MEDIUM
CVE-2023-38361
all versions
IBM CICS TX Advanced 10.1 uses weaker than expected cryptographic algorithms that could allow an attacker to decrypt highly sensit
5.9
MEDIUM
CVE-2023-38364
all versions
IBM CICS TX Advanced 10.1 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript cod
6.1
MEDIUM
CVE-2023-38363
all versions
IBM CICS TX Advanced 10.1 does not set the secure attribute on authorization tokens or session cookies. Attackers may be able to g
4.3
MEDIUM
CVE-2023-43018
all versions
IBM CICS TX Standard 11.1 and Advanced 10.1, 11.1 performs an operation at a privilege level that is higher than the minimum level
5.9
MEDIUM
CVE-2023-42029
all versions
IBM CICS TX Standard 11.1, Advanced 10.1, 11.1, and TXSeries for Multiplatforms 8.1, 8.2, 9.1 are vulnerable to cross-site scripti
4.8
MEDIUM
CVE-2023-42027
all versions
IBM CICS TX Standard 11.1, Advanced 10.1, 11.1, and TXSeries for Multiplatforms 8.1, 8.2, 9.1 are vulnerable to cross-site request
4.3
MEDIUM
CVE-2023-42031
all versions
IBM TXSeries for Multiplatforms, 8.1, 8.2, and 9.1, CICS TX Standard CICS TX Advanced 10.1 and 11.1 could allow a privileged user
4.9
MEDIUM
CVE-2023-33850
all versions
IBM GSKit-Crypto could allow a remote attacker to obtain sensitive information, caused by a timing-based side channel in the RSA D
7.5
HIGH
CVE-2023-33847
all versions
IBM TXSeries for Multiplatforms 8.1, 8.2, 9.1, CICS TX Standard, 11.1, CICS TX Advanced 10.1, and 11.1 does not set the secure att
3.7
LOW
CVE-2023-33846
all versions
IBM TXSeries for Multiplatforms 8.1, 8.2, 9.1, CICS TX Standard, 11.1, CICS TX Advanced 10.1, and 11.1 is vulnerable to cross-site
5.4
MEDIUM
CVE-2023-33849
all versions
IBM TXSeries for Multiplatforms 8.1, 8.2, 9.1, CICS TX Standard, 11.1, CICS TX Advanced 10.1, and 11.1 could transmit sensitive in
3.7
LOW
CVE-2023-33848
all versions
IBM TXSeries for Multiplatforms 8.1, 8.2, 9.1, CICS TX Standard, 11.1, CICS TX Advanced 10.1, and 11.1 could allow a privileged us
4.9
MEDIUM
CVE-2022-34318
all versions
IBM CICS TX 11.1 could allow a remote attacker to hijack the clicking action of the victim. By persuading a victim to visit a mali
5.4
MEDIUM
CVE-2022-34320
all versions
IBM CICS TX 11.1 uses weaker than expected cryptographic algorithms that could allow an attacker to decrypt highly sensitive infor
5.9
MEDIUM
CVE-2022-34317
all versions
IBM CICS TX 11.1 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the
5.4
MEDIUM
CVE-2022-34316
all versions
IBM CICS TX 11.1 does not neutralize or incorrectly neutralizes web scripting syntax in HTTP headers that can be used by web brows
3.7
LOW
CVE-2022-34315
all versions
IBM CICS TX 11.1 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the
5.4
MEDIUM
CVE-2022-34314
all versions
IBM CICS TX 11.1 could disclose sensitive information to a local user due to insecure permission settings. IBM X-Force ID: 229450.
4.0
MEDIUM
CVE-2022-38705
all versions
IBM CICS TX 11.1 Standard and Advanced could allow a remote attacker to bypass security restrictions, caused by a reverse tabnabbi
5.3
MEDIUM
CVE-2022-34329
all versions
IBM CICS TX 11.7 could allow an attacker to obtain sensitive information from HTTP response headers. IBM X-Force ID: 229467.
5.3
MEDIUM
CVE-2022-34319
all versions
IBM CICS TX 11.7 uses weaker than expected cryptographic algorithms that could allow an attacker to decrypt highly sensitive infor
5.9
MEDIUM
CVE-2022-34313
all versions
IBM CICS TX 11.1 does not set the secure attribute on authorization tokens or session cookies. Attackers may be able to get the co
4.3
MEDIUM
CVE-2022-34312
all versions
IBM CICS TX 11.1 allows web pages to be stored locally which can be read by another user on the system. IBM X-Force ID: 229447.
4.0
MEDIUM
CVE-2022-34308
all versions
IBM CICS TX 11.1 could allow a local user to cause a denial of service due to improper load handling. IBM X-Force ID: 229437.
5.5
MEDIUM
CVE-2022-34307
all versions
IBM CICS TX 11.1 does not set the secure attribute on authorization tokens or session cookies. Attackers may be able to get the co
4.3
MEDIUM
CVE-2022-34164
all versions
IBM CICS TX 11.1 could allow a local user to impersonate another legitimate user due to improper input validation. IBM X-Force ID:
5.5
MEDIUM
CVE-2022-34163
all versions
IBM CICS TX 11.1 is vulnerable to HTTP header injection, caused by improper validation of input by the HOST headers. This could al
6.1
MEDIUM
CVE-2022-34162
all versions
IBM CICS TX 11.1 could allow a remote attacker to hijack the clicking action of the victim. By persuading a victim to visit a mali
6.1
MEDIUM
CVE-2022-34161
all versions
IBM CICS TX 11.1 is vulnerable to cross-site request forgery which could allow an attacker to execute malicious and unauthorized a
8.8
HIGH
CVE-2022-33955
all versions
IBM CICS TX 11.1 could allow an attacker with physical access to the system to execute code due using a back and refresh att
6.8
MEDIUM
CVE-2022-34306
all versions
IBM CICS TX Standard and Advanced 11.1 is vulnerable to HTTP header injection, caused by improper validation of input by the HOST
5.4
MEDIUM
CVE-2022-34167
all versions
IBM CICS TX Standard and Advanced 11.1 is vulnerable to stored cross-site scripting. This vulnerability allows users to embed arbi
5.4
MEDIUM
CVE-2022-34166
all versions
IBM CICS TX Standard and Advanced 11.1 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary J
5.4
MEDIUM
CVE-2022-34160
all versions
IBM CICS TX Standard and Advanced 11.1 is vulnerable to HTML injection. A remote attacker could inject malicious HTML code, which
5.4
MEDIUM
CVE-2022-31767
< 11.1
IBM CICS TX Standard and Advanced 11.1 could allow a remote attacker to execute arbitrary commands on the system by sending a spec
9.8
CRITICAL
Vulnerabilities
CISA KEV catalog
CWE weaknesses
CAPEC attack patterns
Package vulnerabilities
Threat intelligence
Threat actors
Tools & malware
ATT&CK techniques
IOCs
Detection & defense
Sigma rules
YARA rules
Atomic Red Team tests
D3FEND countermeasures
Compliance
NIST 800-53
ISO 27001:2022
SOC 2 TSC
PCI-DSS v4.0
CIS Controls v8.1
About
All capabilities
Live statistics
Data sources
Privacy policy
Terms of service
threatengine.sh · Open-source threat intelligence platform · 100+ authoritative sources · Every fact traces to its origin