CVE-2008-5384 — IBM AIX vulnerability

CWE-2644 documents4 sources

Severity

6.9MEDIUMNVD

EPSS

0.0%

top 86.05%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

IBM AIX

Timeline

PublishedDec 9

Latest updateMay 17

Description

crontab in bos.rte.cron in IBM AIX 6.1.0 through 6.1.2 allows local users with aix.system.config.cron authorization to gain privileges by launching an editor.

CVSS vector

AV:L/AC:M/C:C/I:C/A:CExploitability: 3.4 | Impact: 10.0

Affected Packages1 packages

▶NVDibm/aix6.1, 6.1.1, 6.1.2+2

Patches

Patch: www-01.ibm.com ↗Patch: www-01.ibm.com ↗Patch: www-01.ibm.com ↗

🔴Vulnerability Details

GHSA

GHSA-rv35-wgc2-g26j: crontab in bos↗2022-05-17

▶

CVEList

CVE-2008-5384: crontab in bos↗2008-12-09

▶

💬Community

Bugzilla

CVE-2008-4688 mantis: bug title and status leak to unauthorized users↗2008-10-20

▶