CVE-2021-38990

Опубликовано: 10 янв. 2022

Источник: nvd

CVSS3: 8.4

CVSS3: 7.8

CVSS2: 4.6

EPSS Низкий

Описание

IBM AIX 7.1, 7.2, and VIOS 3.1 could allow a non-privileged local user to exploit a vulnerability in the mount command which could lead to code execution. IBM X-Force ID: 212952.

Ссылки

https://exchange.xforce.ibmcloud.com/vulnerabilities/212952
VDB Entry
Vendor Advisory
https://www.ibm.com/support/pages/node/6515496
Permissions Required
Vendor Advisory
https://www.ibm.com/support/pages/node/6538700
Vendor Advisory
https://exchange.xforce.ibmcloud.com/vulnerabilities/212952
VDB Entry
Vendor Advisory
https://www.ibm.com/support/pages/node/6515496
Permissions Required
Vendor Advisory
https://www.ibm.com/support/pages/node/6538700
Vendor Advisory

Уязвимые конфигурации

Конфигурация 1

Одно из

cpe:2.3:a:ibm:vios:3.1:*:*:*:*:*:*:*

cpe:2.3:o:ibm:aix:7.1:*:*:*:*:*:*:*

cpe:2.3:o:ibm:aix:7.2:*:*:*:*:*:*:*

EPSS

Процентиль: 29%

0.00103

Низкий

8.4 High

CVSS3

7.8 High

CVSS3

4.6 Medium

CVSS2

Дефекты

NVD-CWE-noinfo

Связанные уязвимости

GHSA-xpq3-mh42-vvwh

github

около 4 лет назад

IBM AIX 7.1, 7.2, and VIOS 3.1 could allow a non-privileged local user to exploit a vulnerability in the mount command which could lead to code execution. IBM X-Force ID: 212952.

EPSS

Процентиль: 29%

0.00103

Низкий

8.4 High

CVSS3

7.8 High

CVSS3

4.6 Medium

CVSS2

Дефекты

NVD-CWE-noinfo