AIX Vulnerability Allows Non-Privileged Users to Execute Arbitrary Commands
CVE-2024-27260
8.4HIGH
Summary
IBM AIX could 7.2, 7.3, VIOS 3.1, and VIOS 4.1 allow a non-privileged local user to exploit a vulnerability in the invscout command to execute arbitrary commands. IBM X-Force ID: 283985.
Affected Version(s)
AIX = 7.2, 7.3, VIOS 3.1, VIOS 4.1
AIX = cpe:2.3:o:ibm:aix:7.2:*:*:*:*:*:*:*
AIX = cpe:2.3:o:ibm:aix:7.3:*:*:*:*:*:*:*
CVSS V3.1
Score:
8.4
Severity:
HIGH
Confidentiality:
HIGH
Integrity:
HIGH
Availability:
HIGH
Attack Complexity:
LOW
Privileges Required:
NONE
User Interaction:
NONE
Scope:
UNCHANGED
Timeline
Vulnerability published.
Vulnerability Reserved.
Collectors
NVD DatabaseMitre Database