VYPR
← All advisories
Unrated severityNVD Advisory· Published Nov 14, 2022· Updated Apr 29, 2025

IBM CICS TX information disclosure

CVE-2022-34319

Description

IBM CICS TX 11.7 uses weaker than expected cryptographic algorithms that could allow an attacker to decrypt highly sensitive information. IBM X-Force ID: 229463.

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

IBM CICS TX Advanced and Standard versions 11.1 use weak cryptographic algorithms, allowing an unauthenticated attacker on the network to decrypt highly sensitive information.

Vulnerability

IBM CICS TX Advanced and Standard version 11.1 use weaker than expected cryptographic algorithms [1][2]. This vulnerability (CVE-2022-34319) allows an attacker to decrypt highly sensitive information. The affected products are IBM CICS TX Advanced 11.1 and IBM CICS TX Standard 11.1.

Exploitation

An unauthenticated attacker with network access can exploit this weakness. The CVSS vector indicates high attack complexity (AC:H) but no privileges or user interaction required [1][2]. The exact exploitation steps are not detailed, but the attacker would likely intercept encrypted data and leverage weak ciphers to decrypt it.

Impact

Successful exploitation results in the disclosure of highly sensitive information, compromising confidentiality. The CVSS score is 5.9 with high confidentiality impact and no impact on integrity or availability [1][2].

Mitigation

IBM has released fixes for both affected products. For IBM CICS TX Advanced 11.1 and IBM CICS TX Standard 11.1, download and apply the interim fix from IBM's support page [1][2]. No workarounds are available.

References
  1. IBM CICS TX Advanced is vulnerable to an attacker decrypting highly sensitive information (CVE-2022-34319).
  2. IBM CICS TX Standard is vulnerable to an attacker being allowed to decrypt highly sensitive information (CVE-2022-34319).

AI Insight generated on May 25, 2026. Synthesized from this CVE's description and the cited reference URLs; citations are validated against the source bundle.

Affected products

2
  • IBM/CICS TXllm-fuzzy2 versions
    = 11.7+ 1 more
    • (no CPE)range: = 11.7
    • (no CPE)range: 11.7

Patches

0

No patches discovered yet.

Vulnerability mechanics

AI mechanics synthesis has not run for this CVE yet.

References

3

News mentions

0

No linked articles in our index yet.