CVE-2025-1331
Severity CVSS v4.0:
Pending analysis
Type:
Unavailable / Other
Publication date:
08/05/2025
Last modified:
05/06/2025
Description
IBM CICS TX Standard 11.1 and IBM CICS TX Advanced 10.1 and 11.1 could allow a local user to execute arbitrary code on the system due to the use of unsafe use of the gets function.
Impact
Base Score 3.x
7.80
Severity 3.x
HIGH
Vulnerable products and versions
| CPE | From | Up to |
|---|---|---|
| cpe:2.3:a:ibm:cics_tx:11.1.0.0:-:*:*:standard:*:*:* | ||
| cpe:2.3:a:ibm:cics_tx:11.1.0.0:interim_fix_1:*:*:standard:*:*:* | ||
| cpe:2.3:a:ibm:cics_tx:11.1.0.0:interim_fix_10:*:*:standard:*:*:* | ||
| cpe:2.3:a:ibm:cics_tx:11.1.0.0:interim_fix_11:*:*:standard:*:*:* | ||
| cpe:2.3:a:ibm:cics_tx:11.1.0.0:interim_fix_12:*:*:standard:*:*:* | ||
| cpe:2.3:a:ibm:cics_tx:11.1.0.0:interim_fix_13:*:*:standard:*:*:* | ||
| cpe:2.3:a:ibm:cics_tx:11.1.0.0:interim_fix_14:*:*:standard:*:*:* | ||
| cpe:2.3:a:ibm:cics_tx:11.1.0.0:interim_fix_15:*:*:standard:*:*:* | ||
| cpe:2.3:a:ibm:cics_tx:11.1.0.0:interim_fix_16:*:*:standard:*:*:* | ||
| cpe:2.3:a:ibm:cics_tx:11.1.0.0:interim_fix_17:*:*:standard:*:*:* | ||
| cpe:2.3:a:ibm:cics_tx:11.1.0.0:interim_fix_18:*:*:standard:*:*:* | ||
| cpe:2.3:a:ibm:cics_tx:11.1.0.0:interim_fix_19:*:*:standard:*:*:* | ||
| cpe:2.3:a:ibm:cics_tx:11.1.0.0:interim_fix_2:*:*:standard:*:*:* | ||
| cpe:2.3:a:ibm:cics_tx:11.1.0.0:interim_fix_20:*:*:standard:*:*:* | ||
| cpe:2.3:a:ibm:cics_tx:11.1.0.0:interim_fix_21:*:*:standard:*:*:* |
To consult the complete list of CPE names with products and versions, see this page