CVE-2022-34314
Description
IBM CICS TX 11.1 could disclose sensitive information to a local user due to insecure permission settings. IBM X-Force ID: 229450.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
IBM CICS TX 11.1 (Advanced and Standard) has insecure permission settings that allow a local attacker to read sensitive information.
Vulnerability
IBM CICS TX Advanced version 11.1 and IBM CICS TX Standard version 11.1 are vulnerable to information disclosure due to insecure permission settings [1], [2]. This allows a local user to access sensitive information that should be protected.
Exploitation
An attacker must have local access to the system. No authentication or user interaction is required (CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N) [1], [2]. The attacker can exploit the insecure permissions to read sensitive files or data.
Impact
Successful exploitation leads to disclosure of sensitive information (confidentiality impact: low). The attack does not affect integrity or availability [1], [2]. The CVSS base score is 4.0 [1], [2].
Mitigation
IBM has released fixes for both affected products. For IBM CICS TX Advanced 11.1, download the fix from the IBM support page (defect 127954). For IBM CICS TX Standard 11.1, also download the fix from the IBM support page (defect 127954). No workarounds are available [1], [2]. The fix was made available prior to the publication date of 31 Oct 2022.
AI Insight generated on May 25, 2026. Synthesized from this CVE's description and the cited reference URLs; citations are validated against the source bundle.
Affected products
2Patches
0No patches discovered yet.
Vulnerability mechanics
AI mechanics synthesis has not run for this CVE yet.
References
3- www.ibm.com/support/pages/node/6833166mitrevendor-advisory
- www.ibm.com/support/pages/node/6833170mitrevendor-advisory
- exchange.xforce.ibmcloud.com/vulnerabilities/229450mitrevdb-entry
News mentions
0No linked articles in our index yet.