Search
Find a vulnerability
Search criteria
7 vulnerabilities found for CICS Transaction Gateway for Multiplatforms by IBM
CVE-2026-0977 (GCVE-0-2026-0977)
Vulnerability from nvd – Published: 2026-03-13 20:11 – Updated: 2026-03-16 20:10
VLAI
Title
IBM CICS Transaction Gateway for Multiplatforms Information Disclosure
Summary
IBM CICS Transaction Gateway for Multiplatforms 9.3 and 10.1 could allow a user to transfer or view files due to improper access controls.
Severity
5.1 (Medium)
SSVC
Exploitation: none
Automatable: no
Technical Impact: partial
CISA Coordinator (v2.0.3)
CWE
Assigner
References
1 reference
| URL | Tags |
|---|---|
| https://www.ibm.com/support/pages/node/7263518 | patchvendor-advisory |
Impacted products
1 product
| Vendor | Product | Version | |
|---|---|---|---|
| IBM | CICS Transaction Gateway for Multiplatforms |
Affected:
9.3
Affected: 10.1 cpe:2.3:a:ibm:cics_transaction_gateway:9.3:*:*:*:*:multiplatforms:*:* cpe:2.3:a:ibm:cics_transaction_gateway:10.1:*:*:*:*:multiplatforms:*:* |
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2026-0977",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2026-03-16T20:10:07.509831Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2026-03-16T20:10:20.798Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"cpes": [
"cpe:2.3:a:ibm:cics_transaction_gateway:9.3:*:*:*:*:multiplatforms:*:*",
"cpe:2.3:a:ibm:cics_transaction_gateway:10.1:*:*:*:*:multiplatforms:*:*"
],
"defaultStatus": "unaffected",
"product": "CICS Transaction Gateway for Multiplatforms",
"vendor": "IBM",
"versions": [
{
"status": "affected",
"version": "9.3"
},
{
"status": "affected",
"version": "10.1"
}
]
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "IBM CICS Transaction Gateway for Multiplatforms 9.3 and 10.1 could allow a user to transfer or view files due to improper access controls.\u0026nbsp;"
}
],
"value": "IBM CICS Transaction Gateway for Multiplatforms 9.3 and 10.1 could allow a user to transfer or view files due to improper access controls."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "NONE",
"baseScore": 5.1,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-284",
"description": "CWE-284",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-03-13T20:11:00.825Z",
"orgId": "9a959283-ebb5-44b6-b705-dcc2bbced522",
"shortName": "ibm"
},
"references": [
{
"tags": [
"patch",
"vendor-advisory"
],
"url": "https://www.ibm.com/support/pages/node/7263518"
}
],
"solutions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cp\u003eIBM strongly recommends addressing the vulnerabilities now by configuring proper egress/ingress policies at either the POD or HOST level.\u0026nbsp; More details as to how to do this are described in the following CICS Transaction Gateway for Multiplatforms documentation.\u003c/p\u003e\u003cdiv\u003e\u003ctable\u003e\u003ctbody\u003e\u003ctr\u003e\u003ctd\u003eProduct\u003c/td\u003e\u003ctd\u003eVRMF\u003c/td\u003e\u003ctd\u003eRemediation/First Fix\u003c/td\u003e\u003c/tr\u003e\u003ctr\u003e\u003ctd\u003eCICS Transaction Gateway for Multiplatforms\u003c/td\u003e\u003ctd\u003e9.3\u003c/td\u003e\u003ctd\u003eRefer to this\u0026nbsp;\u003ca title=\"https://www.ibm.com/docs/en/cics-tg-multi/9.3.0?topic=security-network-policies-cics-tg-in-containers\" href=\"https://www.ibm.com/docs/en/cics-tg-multi/9.3.0?topic=security-network-policies-cics-tg-in-containers\" rel=\"nofollow\"\u003edocumentation\u003c/a\u003e\u003c/td\u003e\u003c/tr\u003e\u003ctr\u003e\u003ctd\u003eCICS Transaction Gateway for Multiplatforms\u003c/td\u003e\u003ctd\u003e10.1\u003c/td\u003e\u003ctd\u003e\u003cp\u003eRefer to this\u0026nbsp;\u003ca title=\"https://www.ibm.com/docs/en/cics-tg-multi/10.1.0?topic=security-network-policies-cics-tg-in-containers\" href=\"https://www.ibm.com/docs/en/cics-tg-multi/10.1.0?topic=security-network-policies-cics-tg-in-containers\" rel=\"nofollow\"\u003edocumentation\u003c/a\u003e\u003c/p\u003e\u003c/td\u003e\u003c/tr\u003e\u003c/tbody\u003e\u003c/table\u003e\u003c/div\u003e\u003cbr\u003e"
}
],
"value": "IBM strongly recommends addressing the vulnerabilities now by configuring proper egress/ingress policies at either the POD or HOST level.\u00a0 More details as to how to do this are described in the following CICS Transaction Gateway for Multiplatforms documentation.\n\nProductVRMFRemediation/First FixCICS Transaction Gateway for Multiplatforms9.3Refer to this\u00a0 documentation https://www.ibm.com/docs/en/cics-tg-multi/9.3.0 CICS Transaction Gateway for Multiplatforms10.1Refer to this\u00a0 documentation https://www.ibm.com/docs/en/cics-tg-multi/10.1.0"
}
],
"source": {
"discovery": "UNKNOWN"
},
"title": "IBM CICS Transaction Gateway for Multiplatforms Information Disclosure",
"x_generator": {
"engine": "Vulnogram 0.2.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "9a959283-ebb5-44b6-b705-dcc2bbced522",
"assignerShortName": "ibm",
"cveId": "CVE-2026-0977",
"datePublished": "2026-03-13T20:11:00.825Z",
"dateReserved": "2026-01-15T06:53:02.974Z",
"dateUpdated": "2026-03-16T20:10:20.798Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2023-50310 (GCVE-0-2023-50310)
Vulnerability from nvd – Published: 2024-10-23 10:55 – Updated: 2024-10-23 13:45
VLAI
Title
IBM CICS Transaction Gateway for Multiplatforms information disclosure
Summary
IBM CICS Transaction Gateway for Multiplatforms 9.2 and 9.3 transmits or stores authentication credentials, but it uses an insecure method that is susceptible to unauthorized interception and/or retrieval.
Severity
4.9 (Medium)
SSVC
Exploitation: none
Automatable: no
Technical Impact: partial
CISA Coordinator (v2.0.3)
CWE
- CWE-522 - Insufficiently Protected Credentials
Assigner
References
1 reference
Impacted products
1 product
| Vendor | Product | Version | |
|---|---|---|---|
| IBM | CICS Transaction Gateway for Multiplatforms |
Affected:
9.2, 9.3
cpe:2.3:a:ibm:cics_transaction_gateway:9.2:*:*:*:*:multiplatforms:*:* cpe:2.3:a:ibm:cics_transaction_gateway:9.3:*:*:*:*:multiplatforms:*:* |
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2023-50310",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-10-23T13:45:18.638182Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-10-23T13:45:26.181Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"cpes": [
"cpe:2.3:a:ibm:cics_transaction_gateway:9.2:*:*:*:*:multiplatforms:*:*",
"cpe:2.3:a:ibm:cics_transaction_gateway:9.3:*:*:*:*:multiplatforms:*:*"
],
"defaultStatus": "unaffected",
"product": "CICS Transaction Gateway for Multiplatforms",
"vendor": "IBM",
"versions": [
{
"status": "affected",
"version": "9.2, 9.3"
}
]
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "IBM CICS Transaction Gateway for Multiplatforms 9.2 and 9.3 transmits or stores authentication credentials, but it uses an insecure method that is susceptible to unauthorized interception and/or retrieval."
}
],
"value": "IBM CICS Transaction Gateway for Multiplatforms 9.2 and 9.3 transmits or stores authentication credentials, but it uses an insecure method that is susceptible to unauthorized interception and/or retrieval."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 4.9,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-522",
"description": "CWE-522 Insufficiently Protected Credentials",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-10-23T10:55:53.145Z",
"orgId": "9a959283-ebb5-44b6-b705-dcc2bbced522",
"shortName": "ibm"
},
"references": [
{
"url": "https://www.ibm.com/support/pages/node/7145418"
}
],
"source": {
"discovery": "UNKNOWN"
},
"title": "IBM CICS Transaction Gateway for Multiplatforms information disclosure",
"x_generator": {
"engine": "Vulnogram 0.2.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "9a959283-ebb5-44b6-b705-dcc2bbced522",
"assignerShortName": "ibm",
"cveId": "CVE-2023-50310",
"datePublished": "2024-10-23T10:55:53.145Z",
"dateReserved": "2023-12-07T01:29:00.310Z",
"dateUpdated": "2024-10-23T13:45:26.181Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2023-50311 (GCVE-0-2023-50311)
Vulnerability from nvd – Published: 2024-03-31 12:00 – Updated: 2024-10-23 10:59
VLAI
Title
IBM CICS Transaction Gateway for Multiplatforms information disclosure
Summary
IBM CICS Transaction Gateway for Multiplatforms 9.2 and 9.3 could disclose sensitive path information to an attacker that could reveal through debugging or error messages.
Severity
SSVC
Exploitation: none
Automatable: no
Technical Impact: total
CISA Coordinator (v2.0.3)
CWE
- CWE-522 - Insufficiently Protected Credentials
Assigner
References
2 references
| URL | Tags |
|---|---|
| https://https://www.ibm.com/support/pages/node/7145418 | vendor-advisory |
| https://exchange.xforce.ibmcloud.com/vulnerabilit… | vdb-entryx_transferred |
Impacted products
1 product
| Vendor | Product | Version | |
|---|---|---|---|
| IBM | CICS Transaction Gateway for Multiplatforms |
Affected:
9.2, 9.3
cpe:2.3:a:ibm:cics_transaction_gateway:9.2:*:*:*:*:multiplatforms:*:* cpe:2.3:a:ibm:cics_transaction_gateway:9.3:*:*:*:*:multiplatforms:*:* |
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2023-50311",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-07-12T21:01:58.938895Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-07-12T21:02:04.684Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
},
{
"providerMetadata": {
"dateUpdated": "2024-08-02T22:16:46.217Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"vendor-advisory",
"x_transferred"
],
"url": "https://https://www.ibm.com/support/pages/node/7145418"
},
{
"tags": [
"vdb-entry",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/273612"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"cpes": [
"cpe:2.3:a:ibm:cics_transaction_gateway:9.2:*:*:*:*:multiplatforms:*:*",
"cpe:2.3:a:ibm:cics_transaction_gateway:9.3:*:*:*:*:multiplatforms:*:*"
],
"defaultStatus": "unaffected",
"product": "CICS Transaction Gateway for Multiplatforms",
"vendor": "IBM",
"versions": [
{
"status": "affected",
"version": "9.2, 9.3"
}
]
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "IBM CICS Transaction Gateway for Multiplatforms 9.2 and 9.3 could disclose sensitive path information to an attacker that could reveal through debugging or error messages."
}
],
"value": "IBM CICS Transaction Gateway for Multiplatforms 9.2 and 9.3 could disclose sensitive path information to an attacker that could reveal through debugging or error messages."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 3.1,
"baseSeverity": "LOW",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:L/I:N/A:N",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-522",
"description": "CWE-522 Insufficiently Protected Credentials",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-10-23T10:59:46.860Z",
"orgId": "9a959283-ebb5-44b6-b705-dcc2bbced522",
"shortName": "ibm"
},
"references": [
{
"tags": [
"vendor-advisory"
],
"url": "https://https://www.ibm.com/support/pages/node/7145418"
}
],
"source": {
"discovery": "UNKNOWN"
},
"title": "IBM CICS Transaction Gateway for Multiplatforms information disclosure",
"x_generator": {
"engine": "Vulnogram 0.1.0-dev"
}
}
},
"cveMetadata": {
"assignerOrgId": "9a959283-ebb5-44b6-b705-dcc2bbced522",
"assignerShortName": "ibm",
"cveId": "CVE-2023-50311",
"datePublished": "2024-03-31T12:00:11.233Z",
"dateReserved": "2023-12-07T01:29:00.310Z",
"dateUpdated": "2024-10-23T10:59:46.860Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2026-0977 (GCVE-0-2026-0977)
Vulnerability from cvelistv5 – Published: 2026-03-13 20:11 – Updated: 2026-03-16 20:10
VLAI
Title
IBM CICS Transaction Gateway for Multiplatforms Information Disclosure
Summary
IBM CICS Transaction Gateway for Multiplatforms 9.3 and 10.1 could allow a user to transfer or view files due to improper access controls.
Severity
5.1 (Medium)
SSVC
Exploitation: none
Automatable: no
Technical Impact: partial
CISA Coordinator (v2.0.3)
CWE
Assigner
References
1 reference
| URL | Tags |
|---|---|
| https://www.ibm.com/support/pages/node/7263518 | patchvendor-advisory |
Impacted products
1 product
| Vendor | Product | Version | |
|---|---|---|---|
| IBM | CICS Transaction Gateway for Multiplatforms |
Affected:
9.3
Affected: 10.1 cpe:2.3:a:ibm:cics_transaction_gateway:9.3:*:*:*:*:multiplatforms:*:* cpe:2.3:a:ibm:cics_transaction_gateway:10.1:*:*:*:*:multiplatforms:*:* |
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2026-0977",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2026-03-16T20:10:07.509831Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2026-03-16T20:10:20.798Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"cpes": [
"cpe:2.3:a:ibm:cics_transaction_gateway:9.3:*:*:*:*:multiplatforms:*:*",
"cpe:2.3:a:ibm:cics_transaction_gateway:10.1:*:*:*:*:multiplatforms:*:*"
],
"defaultStatus": "unaffected",
"product": "CICS Transaction Gateway for Multiplatforms",
"vendor": "IBM",
"versions": [
{
"status": "affected",
"version": "9.3"
},
{
"status": "affected",
"version": "10.1"
}
]
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "IBM CICS Transaction Gateway for Multiplatforms 9.3 and 10.1 could allow a user to transfer or view files due to improper access controls.\u0026nbsp;"
}
],
"value": "IBM CICS Transaction Gateway for Multiplatforms 9.3 and 10.1 could allow a user to transfer or view files due to improper access controls."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "NONE",
"baseScore": 5.1,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-284",
"description": "CWE-284",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-03-13T20:11:00.825Z",
"orgId": "9a959283-ebb5-44b6-b705-dcc2bbced522",
"shortName": "ibm"
},
"references": [
{
"tags": [
"patch",
"vendor-advisory"
],
"url": "https://www.ibm.com/support/pages/node/7263518"
}
],
"solutions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cp\u003eIBM strongly recommends addressing the vulnerabilities now by configuring proper egress/ingress policies at either the POD or HOST level.\u0026nbsp; More details as to how to do this are described in the following CICS Transaction Gateway for Multiplatforms documentation.\u003c/p\u003e\u003cdiv\u003e\u003ctable\u003e\u003ctbody\u003e\u003ctr\u003e\u003ctd\u003eProduct\u003c/td\u003e\u003ctd\u003eVRMF\u003c/td\u003e\u003ctd\u003eRemediation/First Fix\u003c/td\u003e\u003c/tr\u003e\u003ctr\u003e\u003ctd\u003eCICS Transaction Gateway for Multiplatforms\u003c/td\u003e\u003ctd\u003e9.3\u003c/td\u003e\u003ctd\u003eRefer to this\u0026nbsp;\u003ca title=\"https://www.ibm.com/docs/en/cics-tg-multi/9.3.0?topic=security-network-policies-cics-tg-in-containers\" href=\"https://www.ibm.com/docs/en/cics-tg-multi/9.3.0?topic=security-network-policies-cics-tg-in-containers\" rel=\"nofollow\"\u003edocumentation\u003c/a\u003e\u003c/td\u003e\u003c/tr\u003e\u003ctr\u003e\u003ctd\u003eCICS Transaction Gateway for Multiplatforms\u003c/td\u003e\u003ctd\u003e10.1\u003c/td\u003e\u003ctd\u003e\u003cp\u003eRefer to this\u0026nbsp;\u003ca title=\"https://www.ibm.com/docs/en/cics-tg-multi/10.1.0?topic=security-network-policies-cics-tg-in-containers\" href=\"https://www.ibm.com/docs/en/cics-tg-multi/10.1.0?topic=security-network-policies-cics-tg-in-containers\" rel=\"nofollow\"\u003edocumentation\u003c/a\u003e\u003c/p\u003e\u003c/td\u003e\u003c/tr\u003e\u003c/tbody\u003e\u003c/table\u003e\u003c/div\u003e\u003cbr\u003e"
}
],
"value": "IBM strongly recommends addressing the vulnerabilities now by configuring proper egress/ingress policies at either the POD or HOST level.\u00a0 More details as to how to do this are described in the following CICS Transaction Gateway for Multiplatforms documentation.\n\nProductVRMFRemediation/First FixCICS Transaction Gateway for Multiplatforms9.3Refer to this\u00a0 documentation https://www.ibm.com/docs/en/cics-tg-multi/9.3.0 CICS Transaction Gateway for Multiplatforms10.1Refer to this\u00a0 documentation https://www.ibm.com/docs/en/cics-tg-multi/10.1.0"
}
],
"source": {
"discovery": "UNKNOWN"
},
"title": "IBM CICS Transaction Gateway for Multiplatforms Information Disclosure",
"x_generator": {
"engine": "Vulnogram 0.2.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "9a959283-ebb5-44b6-b705-dcc2bbced522",
"assignerShortName": "ibm",
"cveId": "CVE-2026-0977",
"datePublished": "2026-03-13T20:11:00.825Z",
"dateReserved": "2026-01-15T06:53:02.974Z",
"dateUpdated": "2026-03-16T20:10:20.798Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2023-50310 (GCVE-0-2023-50310)
Vulnerability from cvelistv5 – Published: 2024-10-23 10:55 – Updated: 2024-10-23 13:45
VLAI
Title
IBM CICS Transaction Gateway for Multiplatforms information disclosure
Summary
IBM CICS Transaction Gateway for Multiplatforms 9.2 and 9.3 transmits or stores authentication credentials, but it uses an insecure method that is susceptible to unauthorized interception and/or retrieval.
Severity
4.9 (Medium)
SSVC
Exploitation: none
Automatable: no
Technical Impact: partial
CISA Coordinator (v2.0.3)
CWE
- CWE-522 - Insufficiently Protected Credentials
Assigner
References
1 reference
Impacted products
1 product
| Vendor | Product | Version | |
|---|---|---|---|
| IBM | CICS Transaction Gateway for Multiplatforms |
Affected:
9.2, 9.3
cpe:2.3:a:ibm:cics_transaction_gateway:9.2:*:*:*:*:multiplatforms:*:* cpe:2.3:a:ibm:cics_transaction_gateway:9.3:*:*:*:*:multiplatforms:*:* |
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2023-50310",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-10-23T13:45:18.638182Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-10-23T13:45:26.181Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"cpes": [
"cpe:2.3:a:ibm:cics_transaction_gateway:9.2:*:*:*:*:multiplatforms:*:*",
"cpe:2.3:a:ibm:cics_transaction_gateway:9.3:*:*:*:*:multiplatforms:*:*"
],
"defaultStatus": "unaffected",
"product": "CICS Transaction Gateway for Multiplatforms",
"vendor": "IBM",
"versions": [
{
"status": "affected",
"version": "9.2, 9.3"
}
]
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "IBM CICS Transaction Gateway for Multiplatforms 9.2 and 9.3 transmits or stores authentication credentials, but it uses an insecure method that is susceptible to unauthorized interception and/or retrieval."
}
],
"value": "IBM CICS Transaction Gateway for Multiplatforms 9.2 and 9.3 transmits or stores authentication credentials, but it uses an insecure method that is susceptible to unauthorized interception and/or retrieval."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 4.9,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-522",
"description": "CWE-522 Insufficiently Protected Credentials",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-10-23T10:55:53.145Z",
"orgId": "9a959283-ebb5-44b6-b705-dcc2bbced522",
"shortName": "ibm"
},
"references": [
{
"url": "https://www.ibm.com/support/pages/node/7145418"
}
],
"source": {
"discovery": "UNKNOWN"
},
"title": "IBM CICS Transaction Gateway for Multiplatforms information disclosure",
"x_generator": {
"engine": "Vulnogram 0.2.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "9a959283-ebb5-44b6-b705-dcc2bbced522",
"assignerShortName": "ibm",
"cveId": "CVE-2023-50310",
"datePublished": "2024-10-23T10:55:53.145Z",
"dateReserved": "2023-12-07T01:29:00.310Z",
"dateUpdated": "2024-10-23T13:45:26.181Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2023-50311 (GCVE-0-2023-50311)
Vulnerability from cvelistv5 – Published: 2024-03-31 12:00 – Updated: 2024-10-23 10:59
VLAI
Title
IBM CICS Transaction Gateway for Multiplatforms information disclosure
Summary
IBM CICS Transaction Gateway for Multiplatforms 9.2 and 9.3 could disclose sensitive path information to an attacker that could reveal through debugging or error messages.
Severity
SSVC
Exploitation: none
Automatable: no
Technical Impact: total
CISA Coordinator (v2.0.3)
CWE
- CWE-522 - Insufficiently Protected Credentials
Assigner
References
2 references
| URL | Tags |
|---|---|
| https://https://www.ibm.com/support/pages/node/7145418 | vendor-advisory |
| https://exchange.xforce.ibmcloud.com/vulnerabilit… | vdb-entryx_transferred |
Impacted products
1 product
| Vendor | Product | Version | |
|---|---|---|---|
| IBM | CICS Transaction Gateway for Multiplatforms |
Affected:
9.2, 9.3
cpe:2.3:a:ibm:cics_transaction_gateway:9.2:*:*:*:*:multiplatforms:*:* cpe:2.3:a:ibm:cics_transaction_gateway:9.3:*:*:*:*:multiplatforms:*:* |
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2023-50311",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-07-12T21:01:58.938895Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-07-12T21:02:04.684Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
},
{
"providerMetadata": {
"dateUpdated": "2024-08-02T22:16:46.217Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"vendor-advisory",
"x_transferred"
],
"url": "https://https://www.ibm.com/support/pages/node/7145418"
},
{
"tags": [
"vdb-entry",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/273612"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"cpes": [
"cpe:2.3:a:ibm:cics_transaction_gateway:9.2:*:*:*:*:multiplatforms:*:*",
"cpe:2.3:a:ibm:cics_transaction_gateway:9.3:*:*:*:*:multiplatforms:*:*"
],
"defaultStatus": "unaffected",
"product": "CICS Transaction Gateway for Multiplatforms",
"vendor": "IBM",
"versions": [
{
"status": "affected",
"version": "9.2, 9.3"
}
]
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "IBM CICS Transaction Gateway for Multiplatforms 9.2 and 9.3 could disclose sensitive path information to an attacker that could reveal through debugging or error messages."
}
],
"value": "IBM CICS Transaction Gateway for Multiplatforms 9.2 and 9.3 could disclose sensitive path information to an attacker that could reveal through debugging or error messages."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 3.1,
"baseSeverity": "LOW",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:L/I:N/A:N",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-522",
"description": "CWE-522 Insufficiently Protected Credentials",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-10-23T10:59:46.860Z",
"orgId": "9a959283-ebb5-44b6-b705-dcc2bbced522",
"shortName": "ibm"
},
"references": [
{
"tags": [
"vendor-advisory"
],
"url": "https://https://www.ibm.com/support/pages/node/7145418"
}
],
"source": {
"discovery": "UNKNOWN"
},
"title": "IBM CICS Transaction Gateway for Multiplatforms information disclosure",
"x_generator": {
"engine": "Vulnogram 0.1.0-dev"
}
}
},
"cveMetadata": {
"assignerOrgId": "9a959283-ebb5-44b6-b705-dcc2bbced522",
"assignerShortName": "ibm",
"cveId": "CVE-2023-50311",
"datePublished": "2024-03-31T12:00:11.233Z",
"dateReserved": "2023-12-07T01:29:00.310Z",
"dateUpdated": "2024-10-23T10:59:46.860Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
VAR-202410-3534
Vulnerability from variot - Updated: 2024-11-07 22:34IBM CICS Transaction Gateway for Multiplatforms 9.2 and 9.3 transmits or stores authentication credentials, but it uses an insecure method that is susceptible to unauthorized interception and/or retrieval. IBM of Multiplatforms for IBM CICS Transaction Gateway There are vulnerabilities in inadequate protection of credentials.Information may be obtained
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-202410-3534",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "cics transaction gateway",
"scope": "eq",
"trust": 1.8,
"vendor": "ibm",
"version": "9.3"
},
{
"model": "cics transaction gateway",
"scope": "eq",
"trust": 1.8,
"vendor": "ibm",
"version": "9.2"
},
{
"model": "cics transaction gateway",
"scope": "eq",
"trust": 0.8,
"vendor": "ibm",
"version": null
},
{
"model": "cics transaction gateway for multiplatforms",
"scope": "eq",
"trust": 0.6,
"vendor": "ibm",
"version": "9.2"
},
{
"model": "cics transaction gateway for multiplatforms",
"scope": "eq",
"trust": 0.6,
"vendor": "ibm",
"version": "9.3"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2024-43184"
},
{
"db": "JVNDB",
"id": "JVNDB-2023-027472"
},
{
"db": "NVD",
"id": "CVE-2023-50310"
}
]
},
"cve": "CVE-2023-50310",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "SINGLE",
"author": "CNVD",
"availabilityImpact": "NONE",
"baseScore": 6.8,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 8.0,
"id": "CNVD-2024-43184",
"impactScore": 6.9,
"integrityImpact": "NONE",
"severity": "MEDIUM",
"trust": 0.6,
"vectorString": "AV:N/AC:L/Au:S/C:C/I:N/A:N",
"version": "2.0"
}
],
"cvssV3": [
{
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"author": "nvd@nist.gov",
"availabilityImpact": "NONE",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"exploitabilityScore": 3.9,
"id": "CVE-2023-50310",
"impactScore": 3.6,
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"trust": 1.0,
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
},
{
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"author": "psirt@us.ibm.com",
"availabilityImpact": "NONE",
"baseScore": 4.9,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"exploitabilityScore": 1.2,
"id": "CVE-2023-50310",
"impactScore": 3.6,
"integrityImpact": "NONE",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"trust": 1.0,
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
},
{
"attackComplexity": "Low",
"attackVector": "Network",
"author": "NVD",
"availabilityImpact": "None",
"baseScore": 7.5,
"baseSeverity": "High",
"confidentialityImpact": "High",
"exploitabilityScore": null,
"id": "CVE-2023-50310",
"impactScore": null,
"integrityImpact": "None",
"privilegesRequired": "None",
"scope": "Unchanged",
"trust": 0.8,
"userInteraction": "None",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"version": "3.0"
}
],
"severity": [
{
"author": "nvd@nist.gov",
"id": "CVE-2023-50310",
"trust": 1.0,
"value": "HIGH"
},
{
"author": "psirt@us.ibm.com",
"id": "CVE-2023-50310",
"trust": 1.0,
"value": "MEDIUM"
},
{
"author": "NVD",
"id": "CVE-2023-50310",
"trust": 0.8,
"value": "High"
},
{
"author": "CNVD",
"id": "CNVD-2024-43184",
"trust": 0.6,
"value": "MEDIUM"
}
]
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2024-43184"
},
{
"db": "JVNDB",
"id": "JVNDB-2023-027472"
},
{
"db": "NVD",
"id": "CVE-2023-50310"
},
{
"db": "NVD",
"id": "CVE-2023-50310"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "IBM CICS Transaction Gateway for Multiplatforms 9.2 and 9.3 transmits or stores authentication credentials, but it uses an insecure method that is susceptible to unauthorized interception and/or retrieval. IBM of Multiplatforms for IBM CICS Transaction Gateway There are vulnerabilities in inadequate protection of credentials.Information may be obtained",
"sources": [
{
"db": "NVD",
"id": "CVE-2023-50310"
},
{
"db": "JVNDB",
"id": "JVNDB-2023-027472"
},
{
"db": "CNVD",
"id": "CNVD-2024-43184"
}
],
"trust": 2.16
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2023-50310",
"trust": 3.2
},
{
"db": "JVNDB",
"id": "JVNDB-2023-027472",
"trust": 0.8
},
{
"db": "CNVD",
"id": "CNVD-2024-43184",
"trust": 0.6
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2024-43184"
},
{
"db": "JVNDB",
"id": "JVNDB-2023-027472"
},
{
"db": "NVD",
"id": "CVE-2023-50310"
}
]
},
"id": "VAR-202410-3534",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "CNVD",
"id": "CNVD-2024-43184"
}
],
"trust": 0.06
},
"iot_taxonomy": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"category": [
"Network device"
],
"sub_category": null,
"trust": 0.6
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2024-43184"
}
]
},
"last_update_date": "2024-11-07T22:34:10.367000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "7145418",
"trust": 0.8,
"url": "https://www.ibm.com/support/pages/node/7145418"
},
{
"title": "Patch for IBM CICS Transaction Gateway for Multiplatforms Insufficient Credential Protection Vulnerability",
"trust": 0.6,
"url": "https://www.cnvd.org.cn/patchInfo/show/607931"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2024-43184"
},
{
"db": "JVNDB",
"id": "JVNDB-2023-027472"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-522",
"trust": 1.0
},
{
"problemtype": "Inadequate protection of credentials (CWE-522) [ others ]",
"trust": 0.8
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2023-027472"
},
{
"db": "NVD",
"id": "CVE-2023-50310"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 1.6,
"url": "https://www.ibm.com/support/pages/node/7145418"
},
{
"trust": 0.8,
"url": "https://nvd.nist.gov/vuln/detail/cve-2023-50310"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2024-43184"
},
{
"db": "JVNDB",
"id": "JVNDB-2023-027472"
},
{
"db": "NVD",
"id": "CVE-2023-50310"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "CNVD",
"id": "CNVD-2024-43184"
},
{
"db": "JVNDB",
"id": "JVNDB-2023-027472"
},
{
"db": "NVD",
"id": "CVE-2023-50310"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2024-11-06T00:00:00",
"db": "CNVD",
"id": "CNVD-2024-43184"
},
{
"date": "2024-11-06T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2023-027472"
},
{
"date": "2024-10-23T11:15:12.600000",
"db": "NVD",
"id": "CVE-2023-50310"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2024-11-06T00:00:00",
"db": "CNVD",
"id": "CNVD-2024-43184"
},
{
"date": "2024-11-06T02:01:00",
"db": "JVNDB",
"id": "JVNDB-2023-027472"
},
{
"date": "2024-11-05T16:40:57.533000",
"db": "NVD",
"id": "CVE-2023-50310"
}
]
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "IBM\u00a0 of \u00a0Multiplatforms\u00a0 for \u00a0IBM\u00a0CICS\u00a0Transaction\u00a0Gateway\u00a0 Vulnerability regarding insufficient protection of authentication information in",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2023-027472"
}
],
"trust": 0.8
}
}