CVE-2014-3042

Name of the Vulnerable Software and Affected Versions IBM CICS Transaction Server versions 3.1 through 5.1

Description The issue is related to the improper implementation of CEMT transactions in IBM CICS Transaction Server, which can be exploited by remote authenticated users to cause a denial of service, specifically a storage overlay. This can be achieved by using a 3270 emulator to send an invalid 3270 data stream.

Recommendations For versions 3.1 through 5.1, apply the fix provided by IBM to properly implement CEMT transactions and prevent the denial of service. At the moment, there is no information about a newer version that contains a fix for this vulnerability.