{"dataType":"CVE_RECORD","dataVersion":"5.1","cveMetadata":{"cveId":"CVE-2023-33849","assignerOrgId":"9a959283-ebb5-44b6-b705-dcc2bbced522","state":"PUBLISHED","assignerShortName":"ibm","dateReserved":"2023-05-23T00:31:59.438Z","datePublished":"2023-06-07T21:24:24.895Z","dateUpdated":"2025-01-06T21:22:49.352Z"},"containers":{"cna":{"affected":[{"defaultStatus":"unaffected","product":"TXSeries for Multiplatforms","vendor":"IBM","versions":[{"status":"affected","version":"8.1, 8.2, 9.1"}]},{"defaultStatus":"unaffected","product":"CICS TX Standard","vendor":"IBM","versions":[{"status":"affected","version":"11.1"}]},{"defaultStatus":"unaffected","product":"CICS TX Advanced","vendor":"IBM","versions":[{"status":"affected","version":"10.1, 11.1"}]}],"descriptions":[{"lang":"en","supportingMedia":[{"base64":false,"type":"text/html","value":"IBM TXSeries for Multiplatforms 8.1, 8.2, 9.1, CICS TX Standard, 11.1, CICS TX Advanced 10.1, and 11.1 could transmit sensitive information in query parameters that could be intercepted using man in the middle techniques.  IBM X-Force ID:  257105."}],"value":"IBM TXSeries for Multiplatforms 8.1, 8.2, 9.1, CICS TX Standard, 11.1, CICS TX Advanced 10.1, and 11.1 could transmit sensitive information in query parameters that could be intercepted using man in the middle techniques.  IBM X-Force ID:  257105."}],"metrics":[{"cvssV3_1":{"attackComplexity":"HIGH","attackVector":"NETWORK","availabilityImpact":"NONE","baseScore":3.7,"baseSeverity":"LOW","confidentialityImpact":"LOW","integrityImpact":"NONE","privilegesRequired":"NONE","scope":"UNCHANGED","userInteraction":"NONE","vectorString":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N","version":"3.1"},"format":"CVSS","scenarios":[{"lang":"en","value":"GENERAL"}]}],"problemTypes":[{"descriptions":[{"cweId":"CWE-311","description":"CWE-311 Missing Encryption of Sensitive Data","lang":"en","type":"CWE"}]}],"providerMetadata":{"orgId":"9a959283-ebb5-44b6-b705-dcc2bbced522","shortName":"ibm","dateUpdated":"2023-06-07T21:24:24.895Z"},"references":[{"tags":["vdb-entry"],"url":"https://exchange.xforce.ibmcloud.com/vulnerabilities/257105"},{"tags":["vendor-advisory"],"url":"https://www.ibm.com/support/pages/node/7001687"},{"tags":["vendor-advisory"],"url":"https://www.ibm.com/support/pages/node/7001697"},{"tags":["vendor-advisory"],"url":"https://www.ibm.com/support/pages/node/7001695"}],"source":{"discovery":"UNKNOWN"},"title":"IBM CICS TX information disclosure","x_generator":{"engine":"Vulnogram 0.1.0-dev"}},"adp":[{"providerMetadata":{"orgId":"af854a3a-2127-422b-91ae-364da2661108","shortName":"CVE","dateUpdated":"2024-08-02T15:54:12.646Z"},"title":"CVE Program Container","references":[{"tags":["vdb-entry","x_transferred"],"url":"https://exchange.xforce.ibmcloud.com/vulnerabilities/257105"},{"tags":["vendor-advisory","x_transferred"],"url":"https://www.ibm.com/support/pages/node/7001687"},{"tags":["vendor-advisory","x_transferred"],"url":"https://www.ibm.com/support/pages/node/7001697"},{"tags":["vendor-advisory","x_transferred"],"url":"https://www.ibm.com/support/pages/node/7001695"}]},{"metrics":[{"other":{"type":"ssvc","content":{"timestamp":"2025-01-06T21:22:36.862536Z","id":"CVE-2023-33849","options":[{"Exploitation":"none"},{"Automatable":"no"},{"Technical Impact":"partial"}],"role":"CISA Coordinator","version":"2.0.3"}}}],"title":"CISA ADP Vulnrichment","providerMetadata":{"orgId":"134c704f-9b21-4f2e-91b3-4a467353bcc0","shortName":"CISA-ADP","dateUpdated":"2025-01-06T21:22:49.352Z"}}]}}