CVE-2025-1330
Severity CVSS v4.0:
Pending analysis
Type:
CWE-787
Out-of-bounds Write
Publication date:
08/05/2025
Last modified:
05/06/2025
Description
IBM CICS TX Standard 11.1 and IBM CICS TX Advanced 10.1 and 11.1 could allow a local user to execute arbitrary code on the system due to failure to handle DNS return requests by the gethostbyname function.
Impact
Base Score 3.x
7.80
Severity 3.x
HIGH
Vulnerable products and versions
| CPE | From | Up to |
|---|---|---|
| cpe:2.3:a:ibm:cics_tx:11.1.0.0:-:*:*:standard:*:*:* | ||
| cpe:2.3:a:ibm:cics_tx:11.1.0.0:interim_fix_1:*:*:standard:*:*:* | ||
| cpe:2.3:a:ibm:cics_tx:11.1.0.0:interim_fix_10:*:*:standard:*:*:* | ||
| cpe:2.3:a:ibm:cics_tx:11.1.0.0:interim_fix_11:*:*:standard:*:*:* | ||
| cpe:2.3:a:ibm:cics_tx:11.1.0.0:interim_fix_12:*:*:standard:*:*:* | ||
| cpe:2.3:a:ibm:cics_tx:11.1.0.0:interim_fix_13:*:*:standard:*:*:* | ||
| cpe:2.3:a:ibm:cics_tx:11.1.0.0:interim_fix_14:*:*:standard:*:*:* | ||
| cpe:2.3:a:ibm:cics_tx:11.1.0.0:interim_fix_15:*:*:standard:*:*:* | ||
| cpe:2.3:a:ibm:cics_tx:11.1.0.0:interim_fix_16:*:*:standard:*:*:* | ||
| cpe:2.3:a:ibm:cics_tx:11.1.0.0:interim_fix_17:*:*:standard:*:*:* | ||
| cpe:2.3:a:ibm:cics_tx:11.1.0.0:interim_fix_18:*:*:standard:*:*:* | ||
| cpe:2.3:a:ibm:cics_tx:11.1.0.0:interim_fix_19:*:*:standard:*:*:* | ||
| cpe:2.3:a:ibm:cics_tx:11.1.0.0:interim_fix_2:*:*:standard:*:*:* | ||
| cpe:2.3:a:ibm:cics_tx:11.1.0.0:interim_fix_20:*:*:standard:*:*:* | ||
| cpe:2.3:a:ibm:cics_tx:11.1.0.0:interim_fix_21:*:*:standard:*:*:* |
To consult the complete list of CPE names with products and versions, see this page