First published: Tue Jun 06 2023(Updated: )
IBM CICS TX could allow a privileged user to obtain highly sensitive information by enabling debug mode.
Credit: psirt@us.ibm.com
Affected Software | Affected Version | How to fix |
---|---|---|
IBM CICS Transaction Server for z/OS | <=11.1 | |
IBM CICS Transaction Server for z/OS | =10.1 | |
IBM CICS Transaction Server for z/OS | =11.1 | |
IBM CICS Transaction Server for z/OS | =11.1 | |
Linux kernel | ||
IBM TXSeries for Multiplatform | =8.1 | |
IBM TXSeries for Multiplatform | =9.1 | |
IBM AIX | ||
IBM TXSeries for Multiplatform | =8.2 | |
HPE HP-UX |
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
The vulnerability ID for this issue is CVE-2023-33848.
The severity of CVE-2023-33848 is medium with a CVSS score of 6.5.
A privileged user can obtain highly sensitive information by enabling debug mode in IBM CICS TX Standard versions 11.1.
IBM CICS TX Standard versions 11.1, CICS TX Advanced versions 10.1 and 11.1.
You can fix CVE-2023-33848 by applying the patch provided by IBM for IBM CICS TX Standard version 11.1.