Denial of Service Vulnerability in IBM Informix Dynamic Server
CVE-2025-1991

7.5HIGH

Key Information:

Vendor: IBM
Status: Informix Dynamic Server
Vendor: CVE Published:; 28 June 2025

What is CVE-2025-1991?

IBM Informix Dynamic Server versions 12.10, 14.10, and 15.0 are susceptible to a vulnerability that enables a remote attacker to trigger a denial of service condition. This occurs due to an integer underflow when the server processes incoming packets, which could lead to unexpected behavior or crashes.

Affected Version(s)

Informix Dynamic Server 12.10,14.10,15.0

References

https://www.ibm.com/support/pages/node/7238455

vendor-advisory

CVSS V3.1

Score:

7.5

Severity:

HIGH

Confidentiality:

None

Integrity:

None

Availability:

None

Attack Vector:

Network

Attack Complexity:

Low

Privileges Required:

None

User Interaction:

None

Scope:

Unchanged

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Jun 28, 2025
Vulnerability Reserved
Mar 5, 2025

Credit

cnwangjihe