CVE-2018-1383

Опубликовано: 13 фев. 2018

Источник: nvd

CVSS3: 9.1

CVSS2: 9

EPSS Низкий

Описание

A software logic bug creates a vulnerability in an AIX 6.1, 7.1, and 7.2 daemon which could allow a user with root privileges on one system, to obtain root access on another machine. IBM X-force ID: 138117.

Ссылки

http://aix.software.ibm.com/aix/efixes/security/aixbase_advisory.asc
Vendor Advisory
http://www-01.ibm.com/support/docview.wss?uid=isg3T1026948
Vendor Advisory
http://www.securityfocus.com/bid/102989
Third Party Advisory
VDB Entry
http://www.securitytracker.com/id/1040358
Third Party Advisory
VDB Entry
https://exchange.xforce.ibmcloud.com/vulnerabilities/138117
VDB Entry
Vendor Advisory
http://aix.software.ibm.com/aix/efixes/security/aixbase_advisory.asc
Vendor Advisory
http://www-01.ibm.com/support/docview.wss?uid=isg3T1026948
Vendor Advisory
http://www.securityfocus.com/bid/102989
Third Party Advisory
VDB Entry
http://www.securitytracker.com/id/1040358
Third Party Advisory
VDB Entry
https://exchange.xforce.ibmcloud.com/vulnerabilities/138117
VDB Entry
Vendor Advisory

Уязвимые конфигурации

Конфигурация 1

Одно из

cpe:2.3:o:ibm:aix:6.1:*:*:*:*:*:*:*

cpe:2.3:o:ibm:aix:6.1.1:*:*:*:*:*:*:*

cpe:2.3:o:ibm:aix:6.1.2:*:*:*:*:*:*:*

cpe:2.3:o:ibm:aix:6.1.3:*:*:*:*:*:*:*

cpe:2.3:o:ibm:aix:6.1.4:*:*:*:*:*:*:*

cpe:2.3:o:ibm:aix:6.1.5:*:*:*:*:*:*:*

cpe:2.3:o:ibm:aix:6.1.6:*:*:*:*:*:*:*

cpe:2.3:o:ibm:aix:6.1.7:*:*:*:*:*:*:*

cpe:2.3:o:ibm:aix:6.1.8:*:*:*:*:*:*:*

cpe:2.3:o:ibm:aix:6.1.9:*:*:*:*:*:*:*

cpe:2.3:o:ibm:aix:7.1:*:*:*:*:*:*:*

cpe:2.3:o:ibm:aix:7.1.1:*:*:*:*:*:*:*

cpe:2.3:o:ibm:aix:7.1.2:*:*:*:*:*:*:*

cpe:2.3:o:ibm:aix:7.1.3:*:*:*:*:*:*:*

cpe:2.3:o:ibm:aix:7.1.4:*:*:*:*:*:*:*

cpe:2.3:o:ibm:aix:7.1.5:*:*:*:*:*:*:*

cpe:2.3:o:ibm:aix:7.2:*:*:*:*:*:*:*

cpe:2.3:o:ibm:aix:7.2.1:*:*:*:*:*:*:*

cpe:2.3:o:ibm:aix:7.2.2:*:*:*:*:*:*:*

EPSS

Процентиль: 66%

0.00512

Низкий

9.1 Critical

CVSS3

9 Critical

CVSS2

Дефекты

NVD-CWE-noinfo

Связанные уязвимости

GHSA-rf57-qx84-ccpf