Public exploit available

Public proof-of-concept or exploit code exists (ExploitDB / Metasploit / Nuclei).

CVE-2016-6079 — Corporation AIX vulnerability

CWE-2646 documents4 sources

Severity

7.8HIGHNVD

EPSS

2.0%

top 16.11%

CISA KEV

Not in KEV

Exploit

PoC available

Public exploit / PoC exists

Affected products

IBM Corporation AIX IBM AIX IBM Vios

Timeline

PublishedFeb 15

Latest updateMay 13

Description

IBM AIX 5.3, 6.1, 7.1, and 7.2 contains an unspecified vulnerability that would allow a locally authenticated user to obtain root level privileges. IBM APARs: IV88658, IV87981, IV88419, IV87640, IV88053.

CVSS vector

CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:HExploitability: 1.8 | Impact: 5.9

Affected Packages3 packages

▶NVDibm/aix4 versions+3

▶NVDibm/vios39 versions+38

▶CVEListV5ibm_corporation/aix4 versions+3

Patches

Patch: aix.software.ibm.com ↗Patch: aix.software.ibm.com ↗

🔴Vulnerability Details

GHSA

GHSA-w82c-3xvf-q542: IBM AIX 5↗2022-05-13

▶

CVEList

CVE-2016-6079: IBM AIX 5↗2017-02-15

▶

💥Exploits & PoCs

Exploit-DB

IBM AIX 5.3/6.1/7.1/7.2 - 'lquerylv' Local Privilege Escalation↗2016-11-04

▶

Exploit-DB

Brickcom Corporation Network Cameras - Multiple Vulnerabilities↗2016-04-14

▶

Exploit-DB

Axis Network Cameras - Multiple Vulnerabilities↗2016-04-11

▶