CVE-2016-6079

IBM AIX 5.3, 6.1, 7.1, and 7.2 contains an unspecified vulnerability that would allow a locally authenticated user to obtain root level privileges. IBM APARs: IV88658, IV87981, IV88419, IV87640, IV88053.

CVSS v3 7.8 HIGH
CVSS v2.0 7.2 HIGH

7.8^/10

CVSS v3 : HIGH

V3 Legend

Vector : AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Exploitability : 1.8 / Impact : 5.9

Attack Vector LOCAL

Attack Complexity LOW

Privileges Required LOW

User Interaction NONE

Confidentiality Impact HIGH

Integrity Impact HIGH

Availability Impact HIGH

Scope UNCHANGED

7.2^/10

CVSS v2.0 : HIGH

V2 Legend

Vector : AV:L/AC:L/Au:N/C:C/I:C/A:C

Exploitability : 3.9 / Impact : 10.0

Access Vector LOCAL

Access Complexity LOW

Authentication NONE

Confidentiality Impact COMPLETE

Integrity Impact COMPLETE

Availability Impact COMPLETE

References

Link	Resource
http://aix.software.ibm.com/aix/efixes/security/lquerylv_advisory.asc	Mitigation Patch Vendor Advisory
http://www.securityfocus.com/bid/94090
http://www.securitytracker.com/id/1037256
https://www.exploit-db.com/exploits/40710/
http://aix.software.ibm.com/aix/efixes/security/lquerylv_advisory.asc	Mitigation Patch Vendor Advisory
http://www.securityfocus.com/bid/94090
http://www.securitytracker.com/id/1037256
https://www.exploit-db.com/exploits/40710/

Configurations

Configuration 1 (hide)

OR	cpe:2.3:o:ibm:aix:5.3:::::::*
	cpe:2.3:o:ibm:aix:6.1:::::::*
	cpe:2.3:o:ibm:aix:7.1:::::::*
	cpe:2.3:o:ibm:aix:7.2:::::::*

Configuration 2 (hide)

OR	cpe:2.3:a:ibm:vios:2.2.0.0:::::::*
	cpe:2.3:a:ibm:vios:2.2.0.10:::::::*
	cpe:2.3:a:ibm:vios:2.2.0.11:::::::*
	cpe:2.3:a:ibm:vios:2.2.0.12:::::::*
	cpe:2.3:a:ibm:vios:2.2.0.13:::::::*
	cpe:2.3:a:ibm:vios:2.2.1.0:::::::*
	cpe:2.3:a:ibm:vios:2.2.1.1:::::::*
	cpe:2.3:a:ibm:vios:2.2.1.3:::::::*
	cpe:2.3:a:ibm:vios:2.2.1.4:::::::*
	cpe:2.3:a:ibm:vios:2.2.1.5:::::::*
	cpe:2.3:a:ibm:vios:2.2.1.6:::::::*
	cpe:2.3:a:ibm:vios:2.2.1.7:::::::*
	cpe:2.3:a:ibm:vios:2.2.1.8:::::::*
	cpe:2.3:a:ibm:vios:2.2.2.0:::::::*
	cpe:2.3:a:ibm:vios:2.2.2.1:::::::*
	cpe:2.3:a:ibm:vios:2.2.2.2:::::::*
	cpe:2.3:a:ibm:vios:2.2.2.3:::::::*
	cpe:2.3:a:ibm:vios:2.2.2.4:::::::*
	cpe:2.3:a:ibm:vios:2.2.2.6:::::::*
	cpe:2.3:a:ibm:vios:2.2.2.70:::::::*
	cpe:2.3:a:ibm:vios:2.2.3.0:::::::*
	cpe:2.3:a:ibm:vios:2.2.3.1:::::::*
	cpe:2.3:a:ibm:vios:2.2.3.2:::::::*
	cpe:2.3:a:ibm:vios:2.2.3.3:::::::*
	cpe:2.3:a:ibm:vios:2.2.3.4:::::::*
	cpe:2.3:a:ibm:vios:2.2.3.50:::::::*
	cpe:2.3:a:ibm:vios:2.2.3.51:::::::*
	cpe:2.3:a:ibm:vios:2.2.3.52:::::::*
	cpe:2.3:a:ibm:vios:2.2.3.60:::::::*
	cpe:2.3:a:ibm:vios:2.2.3.70:::::::*
	cpe:2.3:a:ibm:vios:2.2.3.80:::::::*
	cpe:2.3:a:ibm:vios:2.2.4.0:::::::*
	cpe:2.3:a:ibm:vios:2.2.4.10:::::::*
	cpe:2.3:a:ibm:vios:2.2.4.21:::::::*
	cpe:2.3:a:ibm:vios:2.2.4.22:::::::*
	cpe:2.3:a:ibm:vios:2.2.4.23:::::::*
	cpe:2.3:a:ibm:vios:2.2.4.30:::::::*
	cpe:2.3:a:ibm:vios:2.2.5.0:::::::*
	cpe:2.3:a:ibm:vios:2.2.5.10:::::::*

History

21 Nov 2024, 02:55

Type	Values Removed	Values Added
References	~~() http://aix.software.ibm.com/aix/efixes/security/lquerylv_advisory.asc - Mitigation, Patch, Vendor Advisory~~	() http://aix.software.ibm.com/aix/efixes/security/lquerylv_advisory.asc - Mitigation, Patch, Vendor Advisory
References	~~() http://www.securityfocus.com/bid/94090 -~~	() http://www.securityfocus.com/bid/94090 -
References	~~() http://www.securitytracker.com/id/1037256 -~~	() http://www.securitytracker.com/id/1037256 -
References	~~() https://www.exploit-db.com/exploits/40710/ -~~	() https://www.exploit-db.com/exploits/40710/ -

Information

Published : 2017-02-15 19:59

Updated : 2024-11-21 02:55

NVD link : CVE-2016-6079

Mitre link : CVE-2016-6079

CVE.ORG link : CVE-2016-6079

JSON object : View

Products Affected

ibm

aix
vios

CWE

CWE-264

Permissions, Privileges, and Access Controls

7.8 /10