Lucene search
HistoryNov 08, 2015 - 10:59 p.m.
CVE-2015-5005
ibm
powerha systemmirror
aix
cve-2015-5005
remote authentication
su root
security vulnerability
6.2 Medium
AI Score
Confidence
Low
8.5 High
CVSS2
Access Vector
Access Complexity
Authentication
SINGLE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:N/AC:M/Au:S/C:C/I:C/A:C
0.003 Low
EPSS
Percentile
65.6%
CSPOC in IBM PowerHA SystemMirror on AIX 6.1 and 7.1 allows remote authenticated users to perform an “su root” action by leveraging presence on the cluster-wide password-change list.
Affected configurations
Node
ibmpowerha_system_mirror
ibmaixMatch6.1
ORibmaixMatch7.1
| CPE | Name | Operator | Version |
|---|---|---|---|
| ibm:powerha_system_mirror | ibm powerha system mirror | eq | * |
Related
cvelist
cvelist
CVE-2015-5005
2015-11-08 22:00:00
nessus
nessus
AIX 6.1 TL 0 : powerha (IV76943) (deprecated)
2015-09-16 00:00:00
nvd
nvd
CVE-2015-5005
2015-11-08 22:59:14
prion
prion
Design/Logic Flaw
2015-11-08 22:59:00
6.2 Medium
AI Score
Confidence
Low
8.5 High
CVSS2
Access Vector
Access Complexity
Authentication
SINGLE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:N/AC:M/Au:S/C:C/I:C/A:C
0.003 Low
EPSS
Percentile
65.6%
Related for CVE-2015-5005