CVE-2022-33955OS Command Injection in IBM Cics TX Advanced

CWE-78OS Command Injection3 documents3 sources
Severity
6.8MEDIUMNVD
EPSS
0.3%
top 51.28%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
3
IBM Cics TX AdvancedIBM Cics TX StandardIBM Cics TX
Timeline
PublishedAug 1
Latest updateAug 2

Description

IBM CICS TX 11.1 could allow allow an attacker with physical access to the system to execute code due using a back and refresh attack. IBM X-Force ID: 229312.

CVSS vector

CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:HExploitability: 0.9 | Impact: 5.9

Affected Packages3 packages

NVDibm/cics_tx11.1
CVEListV5ibm/cics_tx_advanced11.1
CVEListV5ibm/cics_tx_standard11.1

Patches

Patch: www.ibm.comPatch: www.ibm.comPatch: www.ibm.com

🔴Vulnerability Details

2
GHSA
GHSA-8m66-7mgh-4hjx: IBM CICS TX 112022-08-02
CVEList
CVE-2022-33955: IBM CICS TX 112022-08-01
CVE-2022-33955 — OS Command Injection in IBM | cvebase