CVE-2025-1331

  1. OpenCVE
  2. Vulnerabilities (CVE)
  3. CVE-2025-1331
IBM CICS TX Standard 11.1 and IBM CICS TX Advanced 10.1 and 11.1 could allow a local user to execute arbitrary code on the system due to the use of unsafe use of the gets function.

7.8 /10

CVSS v3 : HIGH

V3 Legend

Vector :

Exploitability : 1.8 / Impact : 5.9

Attack Vector LOCAL

Attack Complexity LOW

Privileges Required LOW

User Interaction NONE

Confidentiality Impact HIGH

Integrity Impact HIGH

Availability Impact HIGH

Scope UNCHANGED

References
Link Resource
https://www.ibm.com/support/pages/node/7232923 Vendor Advisory
https://www.ibm.com/support/pages/node/7232924 Vendor Advisory
Configurations

Configuration 1 (hide)

AND
OR cpe:2.3:a:ibm:cics_tx:11.1.0.0:-:*:*:standard:*:*:*
cpe:2.3:a:ibm:cics_tx:11.1.0.0:interim_fix_1:*:*:standard:*:*:*
cpe:2.3:a:ibm:cics_tx:11.1.0.0:interim_fix_10:*:*:standard:*:*:*
cpe:2.3:a:ibm:cics_tx:11.1.0.0:interim_fix_11:*:*:standard:*:*:*
cpe:2.3:a:ibm:cics_tx:11.1.0.0:interim_fix_12:*:*:standard:*:*:*
cpe:2.3:a:ibm:cics_tx:11.1.0.0:interim_fix_13:*:*:standard:*:*:*
cpe:2.3:a:ibm:cics_tx:11.1.0.0:interim_fix_14:*:*:standard:*:*:*
cpe:2.3:a:ibm:cics_tx:11.1.0.0:interim_fix_15:*:*:standard:*:*:*
cpe:2.3:a:ibm:cics_tx:11.1.0.0:interim_fix_16:*:*:standard:*:*:*
cpe:2.3:a:ibm:cics_tx:11.1.0.0:interim_fix_17:*:*:standard:*:*:*
cpe:2.3:a:ibm:cics_tx:11.1.0.0:interim_fix_18:*:*:standard:*:*:*
cpe:2.3:a:ibm:cics_tx:11.1.0.0:interim_fix_19:*:*:standard:*:*:*
cpe:2.3:a:ibm:cics_tx:11.1.0.0:interim_fix_2:*:*:standard:*:*:*
cpe:2.3:a:ibm:cics_tx:11.1.0.0:interim_fix_20:*:*:standard:*:*:*
cpe:2.3:a:ibm:cics_tx:11.1.0.0:interim_fix_21:*:*:standard:*:*:*
cpe:2.3:a:ibm:cics_tx:11.1.0.0:interim_fix_22:*:*:standard:*:*:*
cpe:2.3:a:ibm:cics_tx:11.1.0.0:interim_fix_23:*:*:standard:*:*:*
cpe:2.3:a:ibm:cics_tx:11.1.0.0:interim_fix_24:*:*:standard:*:*:*
cpe:2.3:a:ibm:cics_tx:11.1.0.0:interim_fix_3:*:*:standard:*:*:*
cpe:2.3:a:ibm:cics_tx:11.1.0.0:interim_fix_4:*:*:standard:*:*:*
cpe:2.3:a:ibm:cics_tx:11.1.0.0:interim_fix_5:*:*:standard:*:*:*
cpe:2.3:a:ibm:cics_tx:11.1.0.0:interim_fix_6:*:*:standard:*:*:*
cpe:2.3:a:ibm:cics_tx:11.1.0.0:interim_fix_7:*:*:standard:*:*:*
cpe:2.3:a:ibm:cics_tx:11.1.0.0:interim_fix_8:*:*:standard:*:*:*
cpe:2.3:a:ibm:cics_tx:11.1.0.0:interim_fix_9:*:*:standard:*:*:*
cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*
History

05 Jun 2025, 14:29

Type Values Removed Values Added
First Time Linux linux Kernel
Ibm
Ibm cics Tx
Linux
CPE cpe:2.3:a:ibm:cics_tx:11.1.0.0:interim_fix_14:*:*:standard:*:*:*
cpe:2.3:a:ibm:cics_tx:11.1.0.0:interim_fix_3:*:*:standard:*:*:*
cpe:2.3:a:ibm:cics_tx:11.1.0.0:interim_fix_8:*:*:standard:*:*:*
cpe:2.3:a:ibm:cics_tx:11.1.0.0:interim_fix_6:*:*:standard:*:*:*
cpe:2.3:a:ibm:cics_tx:11.1.0.0:interim_fix_24:*:*:standard:*:*:*
cpe:2.3:a:ibm:cics_tx:11.1.0.0:-:*:*:standard:*:*:*
cpe:2.3:a:ibm:cics_tx:11.1.0.0:interim_fix_15:*:*:standard:*:*:*
cpe:2.3:a:ibm:cics_tx:11.1.0.0:interim_fix_20:*:*:standard:*:*:*
cpe:2.3:a:ibm:cics_tx:11.1.0.0:interim_fix_1:*:*:standard:*:*:*
cpe:2.3:a:ibm:cics_tx:11.1.0.0:interim_fix_12:*:*:standard:*:*:*
cpe:2.3:a:ibm:cics_tx:11.1.0.0:interim_fix_4:*:*:standard:*:*:*
cpe:2.3:a:ibm:cics_tx:11.1.0.0:interim_fix_9:*:*:standard:*:*:*
cpe:2.3:a:ibm:cics_tx:11.1.0.0:interim_fix_16:*:*:standard:*:*:*
cpe:2.3:a:ibm:cics_tx:11.1.0.0:interim_fix_11:*:*:standard:*:*:*
cpe:2.3:a:ibm:cics_tx:11.1.0.0:interim_fix_17:*:*:standard:*:*:*
cpe:2.3:a:ibm:cics_tx:11.1.0.0:interim_fix_5:*:*:standard:*:*:*
cpe:2.3:a:ibm:cics_tx:11.1.0.0:interim_fix_22:*:*:standard:*:*:*
cpe:2.3:a:ibm:cics_tx:11.1.0.0:interim_fix_23:*:*:standard:*:*:*
cpe:2.3:a:ibm:cics_tx:11.1.0.0:interim_fix_2:*:*:standard:*:*:*
cpe:2.3:a:ibm:cics_tx:11.1.0.0:interim_fix_19:*:*:standard:*:*:*
cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*
cpe:2.3:a:ibm:cics_tx:11.1.0.0:interim_fix_10:*:*:standard:*:*:*
cpe:2.3:a:ibm:cics_tx:11.1.0.0:interim_fix_7:*:*:standard:*:*:*
cpe:2.3:a:ibm:cics_tx:11.1.0.0:interim_fix_21:*:*:standard:*:*:*
cpe:2.3:a:ibm:cics_tx:11.1.0.0:interim_fix_18:*:*:standard:*:*:*
cpe:2.3:a:ibm:cics_tx:11.1.0.0:interim_fix_13:*:*:standard:*:*:*
References () https://www.ibm.com/support/pages/node/7232923 - () https://www.ibm.com/support/pages/node/7232923 - Vendor Advisory
References () https://www.ibm.com/support/pages/node/7232924 - () https://www.ibm.com/support/pages/node/7232924 - Vendor Advisory
CWE NVD-CWE-noinfo

12 May 2025, 17:32

Type Values Removed Values Added
Summary
  • (es) IBM CICS TX Standard 11.1 e IBM CICS TX Advanced 10.1 y 11.1 podrían permitir que un usuario local ejecute código arbitrario en el sistema debido al uso inseguro de la función gets.

08 May 2025, 22:15

Type Values Removed Values Added
New CVE
Information

Published : 2025-05-08 22:15

Updated : 2025-06-05 14:29

NVD link : CVE-2025-1331

Mitre link : CVE-2025-1331

CVE.ORG link : CVE-2025-1331

JSON object : View

Products Affected

linux

  • linux_kernel

ibm

  • cics_tx
CWE
CWE-242

Use of Inherently Dangerous Function

NVD-CWE-noinfo