CVE-2024-47115 — OS Command Injection in IBM Vios

Severity

7.8HIGHNVD

EPSS

0.1%

top 71.28%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

Timeline

PublishedDec 7

Description

IBM AIX 7.2, 7.3 and VIOS 3.1 and 4.1 could allow a local user to execute arbitrary commands on the system due to improper neutralization of input.

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:HExploitability: 1.8 | Impact: 5.9

▶NVDibm/vios3.1, 4.1+1

▶CVEListV5ibm/aix7.2, 7.3, VIOS 3.1, VIOS 4.1

▶NVDibm/aix7.2, 7.3+1

GHSA

GHSA-rm3m-4fg8-qg47: IBM AIX 7↗2024-12-07

▶

CVEList

IBM AIX command execution↗2024-12-07

▶