National Vulnerability Database

National Vulnerability Database

National Vulnerability
Database

Search Results (Refine Search)

Search Parameters:
  • Contains Software Flaws (CVE)
  • CPE Product Version: cpe:/o:ibm:vios:2.2.1.7
There are 6 matching records.
Vuln ID Summary CVSS Severity
CVE-2016-8972

IBM AIX 6.1, 7.1, and 7.2 could allow a local user to gain root privileges using a specially crafted command within the bellmail client. IBM APARs: IV91006, IV91007, IV91008, IV91010, IV91011.

Published: February 15, 2017; 02:59:01 PM -05:00
V3: 7.8 HIGH
V2: 7.2 HIGH
CVE-2016-6079

IBM AIX 5.3, 6.1, 7.1, and 7.2 contains an unspecified vulnerability that would allow a locally authenticated user to obtain root level privileges. IBM APARs: IV88658, IV87981, IV88419, IV87640, IV88053.

Published: February 15, 2017; 02:59:00 PM -05:00
V3: 7.8 HIGH
V2: 7.2 HIGH
CVE-2016-0281

The mustendd driver in IBM AIX 5.3, 6.1, 7.1, and 7.2 and VIOS 2.2.x, when the jumbo_frames feature is not enabled, allows remote attackers to cause a denial of service (FC1763 or FC5899 adapter crash) via crafted packets.

Published: August 07, 2016; 09:59:02 PM -04:00
V3: 3.7 LOW
V2: 4.3 MEDIUM
CVE-2016-0266

IBM AIX 5.3, 6.1, 7.1, and 7.2 and VIOS 2.2.x do not default to the latest TLS version, which makes it easier for man-in-the-middle attackers to obtain sensitive information via unspecified vectors.

Published: August 07, 2016; 09:59:00 PM -04:00
V3: 3.7 LOW
V2: 4.3 MEDIUM
CVE-2014-8904

lquerylv in cmdlvm in IBM AIX 5.3, 6.1, and 7.1 and VIOS 2.2.x allows local users to gain privileges via a crafted DBGCMD_LQUERYLV environment-variable value.

Published: January 15, 2015; 05:59:03 PM -05:00
V2: 7.2 HIGH
CVE-2014-3566

The SSL protocol 3.0, as used in OpenSSL through 1.0.1i and other products, uses nondeterministic CBC padding, which makes it easier for man-in-the-middle attackers to obtain cleartext data via a padding-oracle attack, aka the "POODLE" issue.

Published: October 14, 2014; 08:55:02 PM -04:00
V3: 6.8 MEDIUM
V2: 4.3 MEDIUM