CVE-2025-1331

Summary

IBM CICS TX Standard 11.1 and IBM CICS TX Advanced 10.1 and 11.1 could allow a local user to execute arbitrary code on the system due to the use of unsafe use of the gets function.

Affected Software

VendorProductVersion RangeStatus
IBMCICS TX Standard11.1affected
IBMCICS TX Advanced10.1affected
IBMCICS TX Advanced11.1affected

Weaknesses

  • CWE-242: CWE-242 Use of Inherently Dangerous Function

ADP Enrichment

CISA ADP Vulnrichment

  • SSVC:
  • Exploitation: none
    • Automatable: no
    • Technical Impact: total

References