PT-2025-20426 · Ibm · Ibm Cics Tx Standard+1
Published
2025-05-08
·
Updated
2025-05-09
·
CVE-2025-1330
CVSS v3.1
7.8
High
| Vector | AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H |
Name of the Vulnerable Software and Affected Versions
IBM CICS TX Standard versions 11.1
IBM CICS TX Advanced versions 10.1 through 11.1
Description
The issue is due to the failure to handle DNS return requests by the
gethostbyname function, which could allow a local user to execute arbitrary code on the system.Recommendations
For IBM CICS TX Standard version 11.1, update to a version that includes a fix for the issue with the
gethostbyname function.
For IBM CICS TX Advanced versions 10.1 through 11.1, update to a version that includes a fix for the issue with the gethostbyname function.
As a temporary workaround, consider restricting access to the gethostbyname function until a patch is available.Fix
Memory Corruption
Found an issue in the description? Have something to add? Feel free to write us 👾
Weakness Enumeration
Related Identifiers
Affected Products
Ibm Cics Tx Advanced
Ibm Cics Tx Standard