CVE-2022-34316

IBM CICS TX 11.1 does not neutralize or incorrectly neutralizes web scripting syntax in HTTP headers that can be used by web browser components that can process raw headers. IBM X-Force ID: 229452.
Configurations

Configuration 1 (hide)

OR cpe:2.3:a:ibm:cics_tx:11.1:*:*:*:advanced:*:*:*
cpe:2.3:a:ibm:cics_tx:11.1:*:*:*:standard:*:*:*

History

07 Nov 2023, 03:48

Type Values Removed Values Added
Summary IBM CICS TX 11.1 does not neutralize or incorrectly neutralizes web scripting syntax in HTTP headers that can be used by web browser components that can process raw headers. IBM X-Force ID: 229452. IBM CICS TX 11.1 does not neutralize or incorrectly neutralizes web scripting syntax in HTTP headers that can be used by web browser components that can process raw headers. IBM X-Force ID: 229452.

16 Nov 2022, 19:07

Type Values Removed Values Added
First Time Ibm cics Tx
Ibm
CVSS v2 : unknown
v3 : unknown
v2 : unknown
v3 : 5.3
CPE cpe:2.3:a:ibm:cics_tx:11.1:*:*:*:standard:*:*:*
cpe:2.3:a:ibm:cics_tx:11.1:*:*:*:advanced:*:*:*
CWE CWE-116
References (MISC) https://www.ibm.com/support/pages/node/6833176 - (MISC) https://www.ibm.com/support/pages/node/6833176 - Patch, Vendor Advisory
References (MISC) https://exchange.xforce.ibmcloud.com/vulnerabilities/229452 - (MISC) https://exchange.xforce.ibmcloud.com/vulnerabilities/229452 - VDB Entry
References (MISC) https://www.ibm.com/support/pages/node/6833178 - (MISC) https://www.ibm.com/support/pages/node/6833178 - Patch, Vendor Advisory

14 Nov 2022, 19:17

Type Values Removed Values Added
New CVE

Information

Published : 2022-11-14 19:15

Updated : 2023-12-10 14:35


NVD link : CVE-2022-34316

Mitre link : CVE-2022-34316

CVE.ORG link : CVE-2022-34316


JSON object : View

Products Affected

ibm

  • cics_tx
CWE
CWE-116

Improper Encoding or Escaping of Output

CWE-644

Improper Neutralization of HTTP Headers for Scripting Syntax