Medium Severity

Security Bulletin: IBM CICS TX Advanced is vulnerable to identity spoofing due to IBM WebSphere Application Server Liberty (CVE-2022-22475)

Share this post:

WebSphere Application Server Liberty is used by IBM CICS TX Advanced to provide a web based administration console. The fix removes the identity spoofing vulnerability CVE-2022-232475 from Liberty.

CVE(s): CVE-2022-22475

Affected product(s) and affected version(s):

Affected Product(s) Version(s)
IBM CICS TX Advanced 10.1
IBM CICS TX Advanced 11.1

Refer to the following reference URLs for remediation and additional vulnerability details:  
Source Bulletin: https://www.ibm.com/support/pages/node/6619691
X-Force Database: https://exchange.xforce.ibmcloud.com/vulnerabilities/225603

More stories

Security Bulletin: IBM Watson Discovery for IBM Cloud Pak for Data affected by vulnerability in Apache Tomcat

November 30, 2022 | Medium Severity

IBM Watson Discovery for IBM Cloud Pak for Data contains a vulnerable version of Apache Tomcat. ...read more


Security Bulletin: IBM WebSphere Automation for IBM Cloud Pak for Watson AIOps is vulnerable to information disclosure and weaker security (CVE-2022-43901, CVE-2022-43900)

November 30, 2022 | Medium Severity

IBM WebSphere Automation for IBM Cloud Pak for Watson AIOps could disclose sensitive information and contain weaker than expected security. This has been addressed. ...read more


Security Bulletin: IBM Watson Discovery for IBM Cloud Pak for Data affected by vulnerability in Python

November 30, 2022 | Medium Severity

IBM Watson Discovery for IBM Cloud Pak for Data contains a vulnerable version of Python. ...read more