CVE-2023-50311

Name of the Vulnerable Software and Affected Versions IBM CICS Transaction Gateway for Multiplatforms versions 9.2 through 9.3

Description The issue could disclose sensitive path information to an attacker through debugging or error messages. It also involves the transmission or storage of authentication credentials using an insecure method, making them susceptible to unauthorized interception and/or retrieval.

Recommendations For IBM CICS Transaction Gateway for Multiplatforms versions 9.2 through 9.3, consider restricting access to debugging and error messages to minimize the risk of sensitive path information disclosure. As a temporary workaround, restrict the use of insecure authentication credential transmission or storage methods until a secure method is implemented. At the moment, there is no information about a newer version that contains a fix for this vulnerability.