IBM Virtual I/O Server (VIOS) 2.2.0.10

CPE Details

IBM Virtual I/O Server (VIOS) 2.2.0.10
ibm
vios
2.2.0.10
2021-08-31
12h50 +00:00
2021-08-31
13h42 +00:00
CPE NVD
Alerte pour un CPE
Stay informed of any changes for a specific CPE.
Notifications manage

CPE Name: cpe:2.3:a:ibm:vios:2.2.0.10:*:*:*:*:*:*:*

Informations

Vendor

ibm

Product

vios

Version

2.2.0.10

Related CVE

Open and find in CVE List

CVE ID Published Description Score Severity
CVE-2016-6079 2017-02-15 18h00 +00:00 IBM AIX 5.3, 6.1, 7.1, and 7.2 contains an unspecified vulnerability that would allow a locally authenticated user to obtain root level privileges. IBM APARs: IV88658, IV87981, IV88419, IV87640, IV88053.
7.8
High
CVE-2016-8972 2017-02-15 18h00 +00:00 IBM AIX 6.1, 7.1, and 7.2 could allow a local user to gain root privileges using a specially crafted command within the bellmail client. IBM APARs: IV91006, IV91007, IV91008, IV91010, IV91011.
7.8
High
CVE-2016-0266 2016-08-07 23h00 +00:00 IBM AIX 5.3, 6.1, 7.1, and 7.2 and VIOS 2.2.x do not default to the latest TLS version, which makes it easier for man-in-the-middle attackers to obtain sensitive information via unspecified vectors.
3.7
Low
CVE-2016-0281 2016-08-07 23h00 +00:00 The mustendd driver in IBM AIX 5.3, 6.1, 7.1, and 7.2 and VIOS 2.2.x, when the jumbo_frames feature is not enabled, allows remote attackers to cause a denial of service (FC1763 or FC5899 adapter crash) via crafted packets.
3.7
Low
CVE-2014-8904 2015-01-15 21h00 +00:00 lquerylv in cmdlvm in IBM AIX 5.3, 6.1, and 7.1 and VIOS 2.2.x allows local users to gain privileges via a crafted DBGCMD_LQUERYLV environment-variable value.
7.2
CVE-2014-3566 2014-10-14 22h00 +00:00 The SSL protocol 3.0, as used in OpenSSL through 1.0.1i and other products, uses nondeterministic CBC padding, which makes it easier for man-in-the-middle attackers to obtain cleartext data via a padding-oracle attack, aka the "POODLE" issue.
3.4
Low
CVE-2014-3074 2014-07-02 08h00 +00:00 The runtime linker in IBM AIX 6.1 and 7.1 and VIOS 2.2.x allows local users to create a mode-666 root-owned file, and consequently gain privileges, by setting crafted MALLOCOPTIONS and MALLOCBUCKETS environment-variable values and then executing a setuid program.
7.2
CVE-2014-3977 2014-06-08 21h00 +00:00 libodm.a in IBM AIX 6.1 and 7.1, and VIOS 2.2.x, allows local users to overwrite arbitrary files via a symlink attack on a temporary file. NOTE: this vulnerability exists because of an incomplete fix for CVE-2012-2179.
6.9
CVE-2014-0930 2014-05-08 08h00 +00:00 The ptrace system call in IBM AIX 5.3, 6.1, and 7.1, and VIOS 2.2.x, allows local users to cause a denial of service (system crash) or obtain sensitive information from kernel memory via a crafted PT_LDINFO operation.
4.7
CVE-2012-4817 2012-09-14 21h00 +00:00 The NFSv4 client implementation in IBM AIX 5.3, 6.1, and 7.1, and VIOS before 2.2.1.4-FP-25 SP-02, does not properly handle GID values, which allows remote attackers to cause a denial of service via unspecified vectors.
5
CVE-2012-0745 2012-05-04 14h00 +00:00 The getpwnam function in IBM AIX 5.3, 6.1, and 7.1 and VIOS 2.1.0.10 through 2.2.1.3 does not properly interact with customer-extended LDAP user filtering, which allows local users to gain privileges via unspecified vectors.
7.2
CVE-2011-1385 2012-03-02 21h00 +00:00 IBM AIX 5.3, 6.1, and 7.1, and VIOS 2.1.x and 2.2.x, allows remote attackers to cause a denial of service (system crash) via an ICMP Echo Reply packet that contains 1 in the Identifier field, a different vulnerability than CVE-2012-0194.
7.8