IBM CICS TX Standard and Advanced Arbitrary Code Execution Vulnerability via DNS Handling

Vulnerability

A vulnerability in IBM CICS TX Standard 11.1 and IBM CICS TX Advanced 10.1 and 11.1 could allow a local user to execute arbitrary code on the system. This issue arises from improper handling of DNS return requests by the gethostbyaddr function.

Impact

Exploitation of this vulnerability could lead to unauthorized execution of arbitrary code on the affected system.

Added: Jun 9, 2025, 7:46 PM

Updated: Jun 9, 2025, 7:46 PM

Vulnerability Rating

Custom Algorithm

spread

2.6

impact

10.0

exploitability

3.5

remediation

0.0

relevance

0.0

threat

0.0

urgency

2.9

incentive

1.7

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Vulnerability Rating

Custom Algorithm

spread

2.6

impact

10.0

exploitability

3.5

remediation

0.0

relevance

0.0

threat

0.0

urgency

2.9

incentive

1.7

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

IBM CICS TX Standard and Advanced Arbitrary Code Execution Vulnerability via DNS Handling

Vulnerability

Impact

Affected Products

IBM CICS TX Standard

CVSS Scores

References

Vulnerability Rating

Vulnerability Rating