Denial of Service Vulnerability in IBM AIX and VIOS Systems
CVE-2022-22351

6.1MEDIUM

Key Information:

Vendor: IBM
Status: Aix; ViOS
Vendor: CVE Published:; 4 March 2022

Summary

A denial of service vulnerability in the nimsh daemon on IBM AIX and VIOS systems could allow a malicious actor, operating as a non-privileged user on a trusted host, to disrupt the services of the nimsh daemon on another trusted host. This could result in service interruptions and degraded performance in environments reliant on these systems. Users of IBM AIX versions 7.1, 7.2, 7.3, and VIOS 3.1 are advised to apply the necessary patches to mitigate this risk.

Affected Version(s)

AIX 7.1

AIX 7.2

AIX 7.3

References

https://www.ibm.com/support/pages/node/6561275

x_refsource_CONFIRM

https://exchange.xforce.ibmcloud.com/vulnerabilities/220396

vdb-entryx_refsource_XF

CVSS V3.1

Score:

6.1

Severity:

MEDIUM

Confidentiality:

None

Integrity:

None

Availability:

None

Attack Vector:

Adjacent Network

Attack Complexity:

High

Privileges Required:

None

User Interaction:

None

Scope:

Changed

Timeline

Vulnerability published
Mar 4, 2022
Vulnerability Reserved
Jan 3, 2022