Every CVE whose affected-product data names Ibm Cics Tx, ordered by CVSS severity, with EPSS exploit prediction and CISA KEV status.
CVEs (46)
CVE-2022-31767 — CVSS 9.8 (critical): IBM CICS TX Standard and Advanced 11.1 could allow a remote attacker to execute arbitrary commands on the system by sending a specially…
CVE-2022-34161 — CVSS 8.8 (high): IBM CICS TX 11.1 is vulnerable to cross-site request forgery which could allow an attacker to execute malicious and unauthorized actions…
CVE-2025-1331 — CVSS 7.8 (high): IBM CICS TX Standard 11.1 and IBM CICS TX Advanced 10.1 and 11.1 could allow a local user to execute arbitrary code on the system due to…
CVE-2025-1329 — CVSS 7.8 (high): IBM CICS TX Standard 11.1 and IBM CICS TX Advanced 10.1 and 11.1 could allow a local user to execute arbitrary code on the system due to…
CVE-2025-1330 — CVSS 7.8 (high): IBM CICS TX Standard 11.1 and IBM CICS TX Advanced 10.1 and 11.1 could allow a local user to execute arbitrary code on the system due to…
CVE-2023-33850 — CVSS 7.5 (high): IBM GSKit-Crypto could allow a remote attacker to obtain sensitive information, caused by a timing-based side channel in the RSA Decryption…
CVE-2024-41746 — CVSS 7.2 (high): IBM CICS TX Advanced 10.1, 11.1, and Standard 11.1 is vulnerable to stored cross-site scripting. This vulnerability allows users to embed…
CVE-2022-33955 — CVSS 6.8 (medium): IBM CICS TX 11.1 could allow allow an attacker with physical access to the system to execute code due using a back and refresh attack. IBM…
CVE-2024-41744 — CVSS 6.5 (medium): IBM CICS TX Standard 11.1 is vulnerable to cross-site request forgery which could allow an attacker to execute malicious and unauthorized…
CVE-2022-34163 — CVSS 6.1 (medium): IBM CICS TX 11.1 is vulnerable to HTTP header injection, caused by improper validation of input by the HOST headers. This could allow an…
CVE-2022-34162 — CVSS 6.1 (medium): IBM CICS TX 11.1 could allow a remote attacker to hijack the clicking action of the victim. By persuading a victim to visit a malicious Web…
CVE-2023-38360 — CVSS 6.1 (medium): IBM CICS TX Advanced 10.1 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the…
CVE-2023-38364 — CVSS 6.1 (medium): IBM CICS TX Advanced 10.1 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the…
CVE-2024-41745 — CVSS 6.1 (medium): IBM CICS TX Standard is vulnerable to cross-site scripting. This vulnerability allows an unauthenticated attacker to embed arbitrary…
CVE-2022-34319 — CVSS 5.9 (medium): IBM CICS TX 11.7 uses weaker than expected cryptographic algorithms that could allow an attacker to decrypt highly sensitive information…
CVE-2022-34320 — CVSS 5.9 (medium): IBM CICS TX 11.1 uses weaker than expected cryptographic algorithms that could allow an attacker to decrypt highly sensitive information…
CVE-2023-38361 — CVSS 5.9 (medium): IBM CICS TX Advanced 10.1 uses weaker than expected cryptographic algorithms that could allow an attacker to decrypt highly sensitive…
CVE-2022-34310 — CVSS 5.9 (medium): IBM CICS TX Standard and Advanced 11.1 uses weaker than expected cryptographic algorithms that could allow an attacker to decrypt highly…
CVE-2022-34309 — CVSS 5.9 (medium): IBM CICS TX Standard and Advanced 11.1 uses weaker than expected cryptographic algorithms that could allow an attacker to decrypt highly…
CVE-2023-43018 — CVSS 5.9 (medium): IBM CICS TX Standard 11.1 and Advanced 10.1, 11.1 performs an operation at a privilege level that is higher than the minimum level…
CVE-2022-34164 — CVSS 5.5 (medium): IBM CICS TX 11.1 could allow a local user to impersonate another legitimate user due to improper input validation. IBM X-Force ID: 229338.
CVE-2022-34308 — CVSS 5.5 (medium): IBM CICS TX 11.1 could allow a local user to cause a denial of service due to improper load handling. IBM X-Force ID: 229437.
CVE-2022-34315 — CVSS 5.4 (medium): IBM CICS TX 11.1 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI…
CVE-2022-34306 — CVSS 5.4 (medium): IBM CICS TX Standard and Advanced 11.1 is vulnerable to HTTP header injection, caused by improper validation of input by the HOST headers…
CVE-2022-34317 — CVSS 5.4 (medium): IBM CICS TX 11.1 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI…
CVE-2022-34318 — CVSS 5.4 (medium): IBM CICS TX 11.1 could allow a remote attacker to hijack the clicking action of the victim. By persuading a victim to visit a malicious Web…
CVE-2023-33846 — CVSS 5.4 (medium): IBM TXSeries for Multiplatforms 8.1, 8.2, 9.1, CICS TX Standard, 11.1, CICS TX Advanced 10.1, and 11.1 is vulnerable to cross-site…
CVE-2022-34167 — CVSS 5.4 (medium): IBM CICS TX Standard and Advanced 11.1 is vulnerable to stored cross-site scripting. This vulnerability allows users to embed arbitrary…
CVE-2022-34160 — CVSS 5.4 (medium): IBM CICS TX Standard and Advanced 11.1 is vulnerable to HTML injection. A remote attacker could inject malicious HTML code, which when…
CVE-2022-34166 — CVSS 5.4 (medium): IBM CICS TX Standard and Advanced 11.1 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript…
CVE-2022-38705 — CVSS 5.3 (medium): IBM CICS TX 11.1 Standard and Advanced could allow a remote attacker to bypass security restrictions, caused by a reverse tabnabbing flaw…
CVE-2022-34329 — CVSS 5.3 (medium): IBM CICS TX 11.7 could allow an attacker to obtain sensitive information from HTTP response headers. IBM X-Force ID: 229467.
CVE-2023-38362 — CVSS 5.3 (medium): IBM CICS TX Advanced 10.1 could disclose sensitive information to a remote attacker due to observable discrepancy in HTTP responses. IBM…
CVE-2023-33848 — CVSS 4.9 (medium): IBM TXSeries for Multiplatforms 8.1, 8.2, 9.1, CICS TX Standard, 11.1, CICS TX Advanced 10.1, and 11.1 could allow a privileged user to…
CVE-2023-42031 — CVSS 4.9 (medium): IBM TXSeries for Multiplatforms, 8.1, 8.2, and 9.1, CICS TX Standard CICS TX Advanced 10.1 and 11.1 could allow a privileged user to cause…
CVE-2023-42029 — CVSS 4.8 (medium): IBM CICS TX Standard 11.1, Advanced 10.1, 11.1, and TXSeries for Multiplatforms 8.1, 8.2, 9.1 are vulnerable to cross-site scripting. This…
CVE-2022-34307 — CVSS 4.3 (medium): IBM CICS TX 11.1 does not set the secure attribute on authorization tokens or session cookies. Attackers may be able to get the cookie…
CVE-2022-34313 — CVSS 4.3 (medium): IBM CICS TX 11.1 does not set the secure attribute on authorization tokens or session cookies. Attackers may be able to get the cookie…
CVE-2022-34311 — CVSS 4.3 (medium): IBM CICS TX Standard and Advanced 11.1 could allow a user with physical access to the web browser to gain access to the user's session due…
CVE-2023-38363 — CVSS 4.3 (medium): IBM CICS TX Advanced 10.1 does not set the secure attribute on authorization tokens or session cookies. Attackers may be able to get the…
CVE-2023-42027 — CVSS 4.3 (medium): IBM CICS TX Standard 11.1, Advanced 10.1, 11.1, and TXSeries for Multiplatforms 8.1, 8.2, 9.1 are vulnerable to cross-site request forgery…
CVE-2022-34314 — CVSS 4.0 (medium): IBM CICS TX 11.1 could disclose sensitive information to a local user due to insecure permission settings. IBM X-Force ID: 229450.
CVE-2022-34312 — CVSS 4.0 (medium): IBM CICS TX 11.1 allows web pages to be stored locally which can be read by another user on the system. IBM X-Force ID: 229447.
CVE-2023-33849 — CVSS 3.7 (low): IBM TXSeries for Multiplatforms 8.1, 8.2, 9.1, CICS TX Standard, 11.1, CICS TX Advanced 10.1, and 11.1 could transmit sensitive information…
CVE-2023-33847 — CVSS 3.7 (low): IBM TXSeries for Multiplatforms 8.1, 8.2, 9.1, CICS TX Standard, 11.1, CICS TX Advanced 10.1, and 11.1 does not set the secure attribute on…
CVE-2022-34316 — CVSS 3.7 (low): IBM CICS TX 11.1 does not neutralize or incorrectly neutralizes web scripting syntax in HTTP headers that can be used by web browser…