IBM CICS TG 9.3 Improper Access Control Allows File Transfer/View
CVE-2023-47140 Published on January 8, 2024
IBM CICS Transaction Gateway improper access controls
IBM CICS Transaction Gateway 9.3 could allow a user to transfer or view files due to improper access controls.
Vulnerability Analysis
CVE-2023-47140 is exploitable with local system access, and does not require authorization privileges or user interaction. This vulnerability is consided to have a high level of attack complexity. The potential impact of an exploit of this vulnerability is considered to have a small impact on confidentiality and integrity, and no impact on availability.
Weakness Type
Incorrect Privilege Assignment
A product incorrectly assigns a privilege to a particular actor, creating an unintended sphere of control for that actor.
Products Associated with CVE-2023-47140
Want to know whenever a new CVE is published for IBM Cics Transaction Gateway? stack.watch will email you.
Affected Versions
IBM CICS Transaction Gateway Containers Version 9.3 is affected by CVE-2023-47140Exploit Probability
EPSS (Exploit Prediction Scoring System) scores estimate the probability that a vulnerability will be exploited in the wild within the next 30 days. The percentile shows you how this score compares to all other vulnerabilities.