CVE-2013-3035 — Improper Input Validation in IBM Vios

CWE-20 — Improper Input Validation3 documents3 sources

Severity

7.1HIGHNVD

EPSS

6.7%

top 8.76%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

IBM AIX IBM Vios

Timeline

PublishedJun 21

Latest updateMay 17

Description

The IPv6 implementation in the inet subsystem in IBM AIX 6.1 and 7.1, and VIOS 2.2.2.2-FP-26 SP-02, allows remote attackers to cause a denial of service (system hang) via a crafted packet to an IPv6 interface.

CVSS vector

AV:N/AC:M/C:N/I:N/A:CExploitability: 8.6 | Impact: 6.9

Affected Packages2 packages

▶NVDibm/vios2.2.1.4

▶NVDibm/aix6.1, 7.1+1

🔴Vulnerability Details

GHSA

GHSA-24q2-qw2x-xxpj: The IPv6 implementation in the inet subsystem in IBM AIX 6↗2022-05-17

▶

CVEList

CVE-2013-3035: The IPv6 implementation in the inet subsystem in IBM AIX 6↗2013-06-21

▶