CVE-2025-36236
published 2025-11-13CVE-2025-36236: IBM AIX 7.2, and 7.3 and IBM VIOS 3.1, and 4.1 NIM server (formerly known as NIM master) service (nimesis) could allow a remote attacker to traverse…
critical9.1CVSS 3.1
AVNACLPRNUINSUCHIHAN
IBM AIX 7.2, and 7.3 and IBM VIOS 3.1, and 4.1 NIM server (formerly known as NIM master) service (nimesis) could allow a remote attacker to traverse directories on the system. An attacker could send a specially crafted URL request to write arbitrary files on the system.
Affected
6 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| ibm | aix | — | — |
| ibm | aix | — | — |
| ibm | vios | — | — |
| ibm | vios | — | — |
| ibm | vios | — | — |
| ibm | vios | — | — |