Lucene search

K
cve[email protected]CVE-2015-5005
HistoryNov 08, 2015 - 10:59 p.m.

CVE-2015-5005

2015-11-0822:59:14
CWE-264
web.nvd.nist.gov
21
ibm
powerha systemmirror
aix
cve-2015-5005
remote authentication
su root
security vulnerability

8.5 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

SINGLE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:M/Au:S/C:C/I:C/A:C

6.2 Medium

AI Score

Confidence

Low

0.003 Low

EPSS

Percentile

65.7%

CSPOC in IBM PowerHA SystemMirror on AIX 6.1 and 7.1 allows remote authenticated users to perform an “su root” action by leveraging presence on the cluster-wide password-change list.

Affected configurations

NVD
Node
ibmpowerha_system_mirror
AND
ibmaixMatch6.1
OR
ibmaixMatch7.1

8.5 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

SINGLE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:M/Au:S/C:C/I:C/A:C

6.2 Medium

AI Score

Confidence

Low

0.003 Low

EPSS

Percentile

65.7%

Related for CVE-2015-5005