Lucene search
HistoryNov 08, 2015 - 10:59 p.m.
CVE-2015-5005
ibm
powerha systemmirror
aix
cve-2015-5005
remote authentication
su root
security vulnerability
8.5 High
CVSS2
Attack Vector
NETWORK
Attack Complexity
MEDIUM
Authentication
SINGLE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:N/AC:M/Au:S/C:C/I:C/A:C
6.2 Medium
AI Score
Confidence
Low
0.003 Low
EPSS
Percentile
65.7%
CSPOC in IBM PowerHA SystemMirror on AIX 6.1 and 7.1 allows remote authenticated users to perform an “su root” action by leveraging presence on the cluster-wide password-change list.
Affected configurations
Node
ibmpowerha_system_mirror
ibmaixMatch6.1
ORibmaixMatch7.1
| CPE | Name | Operator | Version |
|---|---|---|---|
| ibm:powerha_system_mirror | ibm powerha system mirror | eq | * |
Related
cvelist
cvelist
CVE-2015-5005
2015-11-08 22:00:00
prion
prion
Design/Logic Flaw
2015-11-08 22:59:00
nessus
nessus
AIX 6.1 TL 0 : powerha (IV76943) (deprecated)
2015-09-16 00:00:00
nvd
nvd
CVE-2015-5005
2015-11-08 22:59:14
8.5 High
CVSS2
Attack Vector
NETWORK
Attack Complexity
MEDIUM
Authentication
SINGLE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:N/AC:M/Au:S/C:C/I:C/A:C
6.2 Medium
AI Score
Confidence
Low
0.003 Low
EPSS
Percentile
65.7%
Related for CVE-2015-5005