CVE-2026-0977
MEDIUMIBM CICS Transaction Gateway 9.3-10.1 - Path Traversal
Title source: llmDescription
IBM CICS Transaction Gateway for Multiplatforms 9.3 and 10.1 could allow a user to transfer or view files due to improper access controls.
References (1)
Core 1
Core References
Various Sources patch
vendor-advisory
https://www.ibm.com/support/pages/node/7263518
Scores
CVSS v3
5.1
EPSS
0.0021
EPSS Percentile
10.5%
Attack Vector
LOCAL
CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N
CISA SSVC
Vulnrichment
Exploitation
none
Automatable
no
Technical Impact
partial
Details
CWE
CWE-284
Status
published
Products (4)
IBM/CICS Transaction Gateway for Multiplatforms
10.1
IBM/CICS Transaction Gateway for Multiplatforms
9.3
ibm/cics_transaction_gateway
9.3
ibm/cics_transaction_gateway
10.1
Published
Mar 16, 2026
Tracked Since
Mar 16, 2026