PT-2022-22117 · IBM · IBM CICS TX Standard+1
Published: 2022-07-08 · Updated: 2023-08-08
CVE-2022-34306
CVSS v2.0: 5.5 (Medium)
Vector: AV:N/AC:L/Au:S/C:P/I:P/A:N
Name of the Vulnerable Software and Affected Versions
IBM CICS TX Standard and Advanced version 11.1
Description
The issue is caused by improper validation of the HTTP Host header, leading to HTTP header injection. This could allow an attacker to conduct various attacks against the vulnerable system, including cross-site scripting, cache poisoning, or session hijacking.
Recommendations
For IBM CICS TX Standard and Advanced version 11.1, update the software to a version that properly validates the HTTP Host header to prevent HTTP header injection.
Fix
XSS
Weakness Enumeration
Related Identifiers
Affected Products
IBM CICS TX Advanced
IBM CICS TX Standard