PT-2025-20425 · Ibm · Ibm Cics Tx Standard+1
Published
2025-05-08
·
Updated
2025-05-09
·
CVE-2025-1329
CVSS v3.1
7.8
High
| Vector | AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H |
Name of the Vulnerable Software and Affected Versions
IBM CICS TX Standard versions 11.1
IBM CICS TX Advanced versions 10.1 through 11.1
Description
The issue is due to the failure to handle DNS return requests by the
gethostbyaddr function, which could allow a local user to execute arbitrary code on the system.Recommendations
For IBM CICS TX Standard version 11.1, update to a version that includes a fix for the issue.
For IBM CICS TX Advanced versions 10.1 through 11.1, update to a version that includes a fix for the issue.
As a temporary workaround, consider restricting access to the
gethostbyaddr function until a patch is available.Fix
Memory Corruption
Found an issue in the description? Have something to add? Feel free to write us 👾
Weakness Enumeration
Related Identifiers
Affected Products
Ibm Cics Tx Advanced
Ibm Cics Tx Standard