CVE-2011-1561 — Improper Authentication in IBM AIX

CWE-287 — Improper Authentication3 documents3 sources
Severity
6.8MEDIUMNVD
EPSS
0.4%
top 40.97%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
1
IBM AIX
Timeline
PublishedApr 5
Latest updateMay 17

Description

The LDAP login feature in bos.rte.security 6.1.6.4 in IBM AIX 6.1, when ldap_auth is enabled in ldap.cfg, allows remote attackers to bypass authentication via a login attempt with an arbitrary password.

CVSS vector

AV:N/AC:M/C:P/I:P/A:PExploitability: 8.6 | Impact: 6.4

Affected Packages1 packages

â–¶NVDibm/aix6.1

🔴Vulnerability Details

2
GHSA
GHSA-hfhh-jfhv-rw66: The LDAP login feature in bos↗2022-05-17
â–¶
CVEList
CVE-2011-1561: The LDAP login feature in bos↗2011-04-05
â–¶
CVE-2011-1561 — Improper Authentication in IBM AIX | cvebase