CVE-2012-4817 — IBM Vios vulnerability

3 documents3 sources

Severity

5.0MEDIUMNVD

EPSS

2.4%

top 14.81%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

IBM AIX IBM Vios

Timeline

PublishedSep 14

Latest updateMay 13

Description

The NFSv4 client implementation in IBM AIX 5.3, 6.1, and 7.1, and VIOS before 2.2.1.4-FP-25 SP-02, does not properly handle GID values, which allows remote attackers to cause a denial of service via unspecified vectors.

CVSS vector

AV:N/AC:L/C:N/I:N/A:PExploitability: 10.0 | Impact: 2.9

Affected Packages2 packages

▶NVDibm/vios17 versions+16

▶NVDibm/aix5.3, 6.1, 7.1+2

🔴Vulnerability Details

GHSA

GHSA-ff3x-x3rg-h387: The NFSv4 client implementation in IBM AIX 5↗2022-05-13

▶

CVEList

CVE-2012-4817: The NFSv4 client implementation in IBM AIX 5↗2012-09-14

▶