From the CICS documentation we can read:
User IDs and passwords specified in the CESN transaction are translated to uppercase, ignoring the setting of the UCTRAN attribute.
However, if support for mixed case passwords is active in the external security manager, CICS saves the value of the UCTRAN option and temporarily sets it to UCTRAN(NO) while the user is prompted to enter a userid and password.
CESN then uppercases the userid but leaves the password in the case entered by the user.
When the CESN transaction completes, the UCTRAN attribute is restored to its original value. If the user disconnects from the terminal before the CESN transaction has completed, the terminal might be left with the UCTRAN(NO) attribute set.
Can Mixed Case Password be detected By Other Products like CICS with CA Top secret?
Release: Top Secret-Security 16.0
Component:
Yes, any other vendor product can check the RCVTPLC bit in the RCVT which indicates that lower case passwords can be used.
So, it works with CICS as indicated.
You can also read Articles 27262 and 22602 for more information about the mixed case password feature.